Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/expat@1.0-2
Typedeb
Namespacedebian
Nameexpat
Version1.0-2
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.7.5-1
Latest_non_vulnerable_version2.7.5-1
Affected_by_vulnerabilities
0
url VCID-28yc-wkq6-c7hb
vulnerability_id VCID-28yc-wkq6-c7hb
summary Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25313.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25313.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-25313
reference_id
reference_type
scores
0
value 0.0013
scoring_system epss
scoring_elements 0.32656
published_at 2026-04-04T12:55:00Z
1
value 0.0013
scoring_system epss
scoring_elements 0.3262
published_at 2026-04-02T12:55:00Z
2
value 0.0013
scoring_system epss
scoring_elements 0.32478
published_at 2026-04-07T12:55:00Z
3
value 0.0013
scoring_system epss
scoring_elements 0.32526
published_at 2026-04-08T12:55:00Z
4
value 0.0013
scoring_system epss
scoring_elements 0.32491
published_at 2026-04-13T12:55:00Z
5
value 0.0013
scoring_system epss
scoring_elements 0.32518
published_at 2026-04-12T12:55:00Z
6
value 0.0013
scoring_system epss
scoring_elements 0.32553
published_at 2026-04-09T12:55:00Z
7
value 0.0013
scoring_system epss
scoring_elements 0.32555
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-25313
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url http://www.openwall.com/lists/oss-security/2022/02/19/1
reference_id 1
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:41:09Z/
url http://www.openwall.com/lists/oss-security/2022/02/19/1
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2056350
reference_id 2056350
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2056350
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
reference_id 3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:41:09Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
11
reference_url https://github.com/libexpat/libexpat/pull/558
reference_id 558
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:41:09Z/
url https://github.com/libexpat/libexpat/pull/558
12
reference_url https://www.debian.org/security/2022/dsa-5085
reference_id dsa-5085
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:41:09Z/
url https://www.debian.org/security/2022/dsa-5085
13
reference_url https://security.gentoo.org/glsa/202209-24
reference_id GLSA-202209-24
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:41:09Z/
url https://security.gentoo.org/glsa/202209-24
14
reference_url https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
reference_id msg00007.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:41:09Z/
url https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
15
reference_url https://security.netapp.com/advisory/ntap-20220303-0008/
reference_id ntap-20220303-0008
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:41:09Z/
url https://security.netapp.com/advisory/ntap-20220303-0008/
16
reference_url https://access.redhat.com/errata/RHSA-2022:5244
reference_id RHSA-2022:5244
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5244
17
reference_url https://access.redhat.com/errata/RHSA-2022:5314
reference_id RHSA-2022:5314
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5314
18
reference_url https://access.redhat.com/errata/RHSA-2022:7144
reference_id RHSA-2022:7144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7144
19
reference_url https://access.redhat.com/errata/RHSA-2022:7811
reference_id RHSA-2022:7811
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7811
20
reference_url https://access.redhat.com/errata/RHSA-2025:22785
reference_id RHSA-2025:22785
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22785
21
reference_url https://access.redhat.com/errata/RHSA-2025:22871
reference_id RHSA-2025:22871
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22871
22
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
reference_id ssa-484086.pdf
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:41:09Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
23
reference_url https://usn.ubuntu.com/5320-1/
reference_id USN-5320-1
reference_type
scores
url https://usn.ubuntu.com/5320-1/
24
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
reference_id Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:41:09Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
fixed_packages
0
url pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
purl pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-nmh4-zpeh-4bcr
15
vulnerability VCID-nw3z-nwyg-87e5
16
vulnerability VCID-nw7y-2xct-8fa5
17
vulnerability VCID-pba8-g9ts-43bw
18
vulnerability VCID-rjbn-1a88-87cj
19
vulnerability VCID-th9f-gg4v-bbbe
20
vulnerability VCID-tt7m-c9zc-1kem
21
vulnerability VCID-u2yw-sybk-uug8
22
vulnerability VCID-uw5p-szmd-8qcm
23
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.6-2%252Bdeb10u4
1
url pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
purl pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fms-7y9v-dfc5
1
vulnerability VCID-77y6-jskt-qucb
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-d26t-ex9d-x3ev
4
vulnerability VCID-gtcn-kyd2-xqdk
5
vulnerability VCID-jqe4-44gw-wbhu
6
vulnerability VCID-k2kp-fv3q-vyh2
7
vulnerability VCID-nguf-68jf-ryaz
8
vulnerability VCID-nktd-7gph-kkb1
9
vulnerability VCID-nw3z-nwyg-87e5
10
vulnerability VCID-qmx9-wkj4-67h3
11
vulnerability VCID-u5pr-wheu-h7c6
12
vulnerability VCID-utz3-ytaf-cbht
13
vulnerability VCID-v41j-xj8s-m7ar
14
vulnerability VCID-yw8s-ezc7-6ub8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.10-2%252Bdeb11u5
aliases CVE-2022-25313
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-28yc-wkq6-c7hb
1
url VCID-3465-gq22-3kfy
vulnerability_id VCID-3465-gq22-3kfy
summary 
Multiple vulnerabilities have been found in Expat, the worst of
    which may allow execution of arbitrary code.
references
0
reference_url http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
reference_id
reference_type
scores
url http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html
5
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00004.html
6
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00029.html
7
reference_url http://packetstormsecurity.com/files/141350/ESET-Endpoint-Antivirus-6-Remote-Code-Execution.html
reference_id
reference_type
scores
url http://packetstormsecurity.com/files/141350/ESET-Endpoint-Antivirus-6-Remote-Code-Execution.html
8
reference_url http://rhn.redhat.com/errata/RHSA-2016-2824.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-2824.html
9
reference_url https://access.redhat.com/errata/RHSA-2018:2486
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2486
10
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0718.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0718.json
11
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0718
reference_id
reference_type
scores
0
value 0.02827
scoring_system epss
scoring_elements 0.8617
published_at 2026-04-13T12:55:00Z
1
value 0.02827
scoring_system epss
scoring_elements 0.86105
published_at 2026-04-01T12:55:00Z
2
value 0.02827
scoring_system epss
scoring_elements 0.8615
published_at 2026-04-08T12:55:00Z
3
value 0.02827
scoring_system epss
scoring_elements 0.86162
published_at 2026-04-09T12:55:00Z
4
value 0.02827
scoring_system epss
scoring_elements 0.86176
published_at 2026-04-11T12:55:00Z
5
value 0.02827
scoring_system epss
scoring_elements 0.86174
published_at 2026-04-12T12:55:00Z
6
value 0.02827
scoring_system epss
scoring_elements 0.86115
published_at 2026-04-02T12:55:00Z
7
value 0.02827
scoring_system epss
scoring_elements 0.86132
published_at 2026-04-04T12:55:00Z
8
value 0.02827
scoring_system epss
scoring_elements 0.86131
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0718
12
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1236923
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1236923
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4472
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4472
14
reference_url http://seclists.org/fulldisclosure/2017/Feb/68
reference_id
reference_type
scores
url http://seclists.org/fulldisclosure/2017/Feb/68
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://kc.mcafee.com/corporate/index?page=content&id=SB10365
reference_id
reference_type
scores
url https://kc.mcafee.com/corporate/index?page=content&id=SB10365
17
reference_url https://source.android.com/security/bulletin/2016-11-01.html
reference_id
reference_type
scores
url https://source.android.com/security/bulletin/2016-11-01.html
18
reference_url https://support.apple.com/HT206903
reference_id
reference_type
scores
url https://support.apple.com/HT206903
19
reference_url http://support.eset.com/ca6333/
reference_id
reference_type
scores
url http://support.eset.com/ca6333/
20
reference_url https://www.tenable.com/security/tns-2016-20
reference_id
reference_type
scores
url https://www.tenable.com/security/tns-2016-20
21
reference_url http://www.debian.org/security/2016/dsa-3582
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3582
22
reference_url http://www.mozilla.org/security/announce/2016/mfsa2016-68.html
reference_id
reference_type
scores
url http://www.mozilla.org/security/announce/2016/mfsa2016-68.html
23
reference_url http://www.openwall.com/lists/oss-security/2016/05/17/12
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2016/05/17/12
24
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
25
reference_url http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
26
reference_url http://www.securityfocus.com/bid/90729
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/90729
27
reference_url http://www.securitytracker.com/id/1036348
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1036348
28
reference_url http://www.securitytracker.com/id/1036415
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1036415
29
reference_url http://www.securitytracker.com/id/1037705
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037705
30
reference_url http://www.ubuntu.com/usn/USN-2983-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-2983-1
31
reference_url http://www.ubuntu.com/usn/USN-3044-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-3044-1
32
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1296102
reference_id 1296102
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1296102
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:policy_auditor:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mcafee:policy_auditor:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:policy_auditor:*:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*
reference_id cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:studio_onsite:1.3:*:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
reference_id cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*
reference_id cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*
reference_id cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
reference_id cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*
reference_id cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*
reference_id cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*
reference_id cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*
reference_id cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*
reference_id cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*
55
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718
reference_id CVE-2016-0718
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0718
56
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0718
reference_id CVE-2016-0718
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-0718
57
reference_url https://security.gentoo.org/glsa/201701-21
reference_id GLSA-201701-21
reference_type
scores
url https://security.gentoo.org/glsa/201701-21
58
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-68
reference_id mfsa2016-68
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-68
59
reference_url https://access.redhat.com/errata/RHSA-2016:2824
reference_id RHSA-2016:2824
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2824
60
reference_url https://usn.ubuntu.com/2983-1/
reference_id USN-2983-1
reference_type
scores
url https://usn.ubuntu.com/2983-1/
61
reference_url https://usn.ubuntu.com/3013-1/
reference_id USN-3013-1
reference_type
scores
url https://usn.ubuntu.com/3013-1/
62
reference_url https://usn.ubuntu.com/3044-1/
reference_id USN-3044-1
reference_type
scores
url https://usn.ubuntu.com/3044-1/
63
reference_url https://usn.ubuntu.com/7199-1/
reference_id USN-7199-1
reference_type
scores
url https://usn.ubuntu.com/7199-1/
64
reference_url https://usn.ubuntu.com/USN-5455-1/
reference_id USN-USN-5455-1
reference_type
scores
url https://usn.ubuntu.com/USN-5455-1/
fixed_packages
0
url pkg:deb/debian/expat@2.1.0-6%2Bdeb8u4
purl pkg:deb/debian/expat@2.1.0-6%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-3465-gq22-3kfy
2
vulnerability VCID-4c32-p11r-zud5
3
vulnerability VCID-6c4q-2my8-aqbc
4
vulnerability VCID-6pk2-g77j-h3b2
5
vulnerability VCID-7ndj-4zn8-cqa4
6
vulnerability VCID-94fm-s7mp-vfdb
7
vulnerability VCID-96wu-nph4-5yb5
8
vulnerability VCID-9ern-6htc-p7c4
9
vulnerability VCID-cy2n-zexk-jyda
10
vulnerability VCID-d26t-ex9d-x3ev
11
vulnerability VCID-dy3x-vd1y-dbbn
12
vulnerability VCID-gf3f-k2be-67e2
13
vulnerability VCID-gtcn-kyd2-xqdk
14
vulnerability VCID-h5xc-cubs-5fgu
15
vulnerability VCID-k2kp-fv3q-vyh2
16
vulnerability VCID-kp8z-47q5-n7es
17
vulnerability VCID-mddr-7zar-6kfn
18
vulnerability VCID-n7m1-6qrq-auaf
19
vulnerability VCID-naf7-p1jf-z3ds
20
vulnerability VCID-nmh4-zpeh-4bcr
21
vulnerability VCID-nw3z-nwyg-87e5
22
vulnerability VCID-nw7y-2xct-8fa5
23
vulnerability VCID-pba8-g9ts-43bw
24
vulnerability VCID-qcbz-21vm-eqfd
25
vulnerability VCID-r14v-u2r3-rkhz
26
vulnerability VCID-rjbn-1a88-87cj
27
vulnerability VCID-th9f-gg4v-bbbe
28
vulnerability VCID-tt7m-c9zc-1kem
29
vulnerability VCID-u2yw-sybk-uug8
30
vulnerability VCID-uw5p-szmd-8qcm
31
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.1.0-6%252Bdeb8u4
1
url pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3
purl pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-naf7-p1jf-z3ds
15
vulnerability VCID-nmh4-zpeh-4bcr
16
vulnerability VCID-nw3z-nwyg-87e5
17
vulnerability VCID-nw7y-2xct-8fa5
18
vulnerability VCID-pba8-g9ts-43bw
19
vulnerability VCID-r14v-u2r3-rkhz
20
vulnerability VCID-rjbn-1a88-87cj
21
vulnerability VCID-th9f-gg4v-bbbe
22
vulnerability VCID-tt7m-c9zc-1kem
23
vulnerability VCID-u2yw-sybk-uug8
24
vulnerability VCID-uw5p-szmd-8qcm
25
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.0-2%252Bdeb9u3
aliases CVE-2016-0718
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3465-gq22-3kfy
2
url VCID-4c32-p11r-zud5
vulnerability_id VCID-4c32-p11r-zud5
summary Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-45960.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-45960.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-45960
reference_id
reference_type
scores
0
value 0.00346
scoring_system epss
scoring_elements 0.57039
published_at 2026-04-01T12:55:00Z
1
value 0.00346
scoring_system epss
scoring_elements 0.57133
published_at 2026-04-02T12:55:00Z
2
value 0.00346
scoring_system epss
scoring_elements 0.57157
published_at 2026-04-13T12:55:00Z
3
value 0.00346
scoring_system epss
scoring_elements 0.57155
published_at 2026-04-04T12:55:00Z
4
value 0.00346
scoring_system epss
scoring_elements 0.57132
published_at 2026-04-07T12:55:00Z
5
value 0.00346
scoring_system epss
scoring_elements 0.57183
published_at 2026-04-08T12:55:00Z
6
value 0.00346
scoring_system epss
scoring_elements 0.57185
published_at 2026-04-09T12:55:00Z
7
value 0.00346
scoring_system epss
scoring_elements 0.57197
published_at 2026-04-11T12:55:00Z
8
value 0.00346
scoring_system epss
scoring_elements 0.57176
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-45960
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002994
reference_id 1002994
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002994
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2044451
reference_id 2044451
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2044451
15
reference_url http://www.openwall.com/lists/oss-security/2022/01/17/3
reference_id 3
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:29:38Z/
url http://www.openwall.com/lists/oss-security/2022/01/17/3
16
reference_url https://github.com/libexpat/libexpat/issues/531
reference_id 531
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:29:38Z/
url https://github.com/libexpat/libexpat/issues/531
17
reference_url https://github.com/libexpat/libexpat/pull/534
reference_id 534
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:29:38Z/
url https://github.com/libexpat/libexpat/pull/534
18
reference_url https://www.debian.org/security/2022/dsa-5073
reference_id dsa-5073
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:29:38Z/
url https://www.debian.org/security/2022/dsa-5073
19
reference_url https://security.gentoo.org/glsa/202209-24
reference_id GLSA-202209-24
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:29:38Z/
url https://security.gentoo.org/glsa/202209-24
20
reference_url https://security.netapp.com/advisory/ntap-20220121-0004/
reference_id ntap-20220121-0004
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:29:38Z/
url https://security.netapp.com/advisory/ntap-20220121-0004/
21
reference_url https://access.redhat.com/errata/RHSA-2022:0951
reference_id RHSA-2022:0951
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0951
22
reference_url https://access.redhat.com/errata/RHSA-2022:1069
reference_id RHSA-2022:1069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1069
23
reference_url https://access.redhat.com/errata/RHSA-2022:7144
reference_id RHSA-2022:7144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7144
24
reference_url https://access.redhat.com/errata/RHSA-2025:22785
reference_id RHSA-2025:22785
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22785
25
reference_url https://access.redhat.com/errata/RHSA-2025:22871
reference_id RHSA-2025:22871
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22871
26
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1217609
reference_id show_bug.cgi?id=1217609
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:29:38Z/
url https://bugzilla.mozilla.org/show_bug.cgi?id=1217609
27
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
reference_id ssa-484086.pdf
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:29:38Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
28
reference_url https://www.tenable.com/security/tns-2022-05
reference_id tns-2022-05
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:29:38Z/
url https://www.tenable.com/security/tns-2022-05
29
reference_url https://usn.ubuntu.com/5288-1/
reference_id USN-5288-1
reference_type
scores
url https://usn.ubuntu.com/5288-1/
fixed_packages
0
url pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
purl pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-nmh4-zpeh-4bcr
15
vulnerability VCID-nw3z-nwyg-87e5
16
vulnerability VCID-nw7y-2xct-8fa5
17
vulnerability VCID-pba8-g9ts-43bw
18
vulnerability VCID-rjbn-1a88-87cj
19
vulnerability VCID-th9f-gg4v-bbbe
20
vulnerability VCID-tt7m-c9zc-1kem
21
vulnerability VCID-u2yw-sybk-uug8
22
vulnerability VCID-uw5p-szmd-8qcm
23
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.6-2%252Bdeb10u4
1
url pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
purl pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fms-7y9v-dfc5
1
vulnerability VCID-77y6-jskt-qucb
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-d26t-ex9d-x3ev
4
vulnerability VCID-gtcn-kyd2-xqdk
5
vulnerability VCID-jqe4-44gw-wbhu
6
vulnerability VCID-k2kp-fv3q-vyh2
7
vulnerability VCID-nguf-68jf-ryaz
8
vulnerability VCID-nktd-7gph-kkb1
9
vulnerability VCID-nw3z-nwyg-87e5
10
vulnerability VCID-qmx9-wkj4-67h3
11
vulnerability VCID-u5pr-wheu-h7c6
12
vulnerability VCID-utz3-ytaf-cbht
13
vulnerability VCID-v41j-xj8s-m7ar
14
vulnerability VCID-yw8s-ezc7-6ub8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.10-2%252Bdeb11u5
aliases CVE-2021-45960
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4c32-p11r-zud5
3
url VCID-4zzy-q5zp-jkgm
vulnerability_id VCID-4zzy-q5zp-jkgm
summary A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document (for example through mod_dav) may be able to cause a crash. This crash would only be a denial of service if using the worker MPM.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3720.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3720.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-3720
reference_id
reference_type
scores
0
value 0.01541
scoring_system epss
scoring_elements 0.81381
published_at 2026-04-12T12:55:00Z
1
value 0.01541
scoring_system epss
scoring_elements 0.8131
published_at 2026-04-01T12:55:00Z
2
value 0.01541
scoring_system epss
scoring_elements 0.81319
published_at 2026-04-02T12:55:00Z
3
value 0.01541
scoring_system epss
scoring_elements 0.81341
published_at 2026-04-04T12:55:00Z
4
value 0.01541
scoring_system epss
scoring_elements 0.81339
published_at 2026-04-07T12:55:00Z
5
value 0.01541
scoring_system epss
scoring_elements 0.81368
published_at 2026-04-08T12:55:00Z
6
value 0.01541
scoring_system epss
scoring_elements 0.81373
published_at 2026-04-13T12:55:00Z
7
value 0.01541
scoring_system epss
scoring_elements 0.81394
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-3720
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=531697
reference_id 531697
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=531697
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551936
reference_id 551936
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551936
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919
reference_id 560919
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920
reference_id 560920
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921
reference_id 560921
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922
reference_id 560922
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926
reference_id 560926
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927
reference_id 560927
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928
reference_id 560928
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929
reference_id 560929
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930
reference_id 560930
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935
reference_id 560935
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936
reference_id 560936
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937
reference_id 560937
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940
reference_id 560940
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942
reference_id 560942
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560950
reference_id 560950
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560950
20
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053
reference_id 601053
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053
21
reference_url https://httpd.apache.org/security/json/CVE-2009-3720.json
reference_id CVE-2009-3720
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2009-3720.json
22
reference_url https://security.gentoo.org/glsa/201209-06
reference_id GLSA-201209-06
reference_type
scores
url https://security.gentoo.org/glsa/201209-06
23
reference_url https://access.redhat.com/errata/RHSA-2009:1572
reference_id RHSA-2009:1572
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1572
24
reference_url https://access.redhat.com/errata/RHSA-2009:1625
reference_id RHSA-2009:1625
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1625
25
reference_url https://access.redhat.com/errata/RHSA-2010:0002
reference_id RHSA-2010:0002
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0002
26
reference_url https://access.redhat.com/errata/RHSA-2011:0491
reference_id RHSA-2011:0491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:0491
27
reference_url https://access.redhat.com/errata/RHSA-2011:0492
reference_id RHSA-2011:0492
reference_type
scores
url https://access.redhat.com/errata/RHSA-2011:0492
28
reference_url https://access.redhat.com/errata/RHSA-2017:3239
reference_id RHSA-2017:3239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3239
29
reference_url https://usn.ubuntu.com/890-1/
reference_id USN-890-1
reference_type
scores
url https://usn.ubuntu.com/890-1/
30
reference_url https://usn.ubuntu.com/890-2/
reference_id USN-890-2
reference_type
scores
url https://usn.ubuntu.com/890-2/
31
reference_url https://usn.ubuntu.com/890-3/
reference_id USN-890-3
reference_type
scores
url https://usn.ubuntu.com/890-3/
32
reference_url https://usn.ubuntu.com/890-4/
reference_id USN-890-4
reference_type
scores
url https://usn.ubuntu.com/890-4/
33
reference_url https://usn.ubuntu.com/890-5/
reference_id USN-890-5
reference_type
scores
url https://usn.ubuntu.com/890-5/
34
reference_url https://usn.ubuntu.com/890-6/
reference_id USN-890-6
reference_type
scores
url https://usn.ubuntu.com/890-6/
fixed_packages
0
url pkg:deb/debian/expat@2.0.1-7%2Bsqueeze1
purl pkg:deb/debian/expat@2.0.1-7%2Bsqueeze1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-3465-gq22-3kfy
2
vulnerability VCID-4c32-p11r-zud5
3
vulnerability VCID-6c4q-2my8-aqbc
4
vulnerability VCID-6pk2-g77j-h3b2
5
vulnerability VCID-7ndj-4zn8-cqa4
6
vulnerability VCID-94fm-s7mp-vfdb
7
vulnerability VCID-96wu-nph4-5yb5
8
vulnerability VCID-9ern-6htc-p7c4
9
vulnerability VCID-cy2n-zexk-jyda
10
vulnerability VCID-d26t-ex9d-x3ev
11
vulnerability VCID-dy3x-vd1y-dbbn
12
vulnerability VCID-e742-j1bw-jbbh
13
vulnerability VCID-gf3f-k2be-67e2
14
vulnerability VCID-gtcn-kyd2-xqdk
15
vulnerability VCID-h5xc-cubs-5fgu
16
vulnerability VCID-k2kp-fv3q-vyh2
17
vulnerability VCID-kp8z-47q5-n7es
18
vulnerability VCID-mddr-7zar-6kfn
19
vulnerability VCID-n7m1-6qrq-auaf
20
vulnerability VCID-naf7-p1jf-z3ds
21
vulnerability VCID-nmh4-zpeh-4bcr
22
vulnerability VCID-nw3z-nwyg-87e5
23
vulnerability VCID-nw7y-2xct-8fa5
24
vulnerability VCID-pba8-g9ts-43bw
25
vulnerability VCID-qcbz-21vm-eqfd
26
vulnerability VCID-r14v-u2r3-rkhz
27
vulnerability VCID-ra3j-95vv-cfen
28
vulnerability VCID-rjbn-1a88-87cj
29
vulnerability VCID-th9f-gg4v-bbbe
30
vulnerability VCID-tt7m-c9zc-1kem
31
vulnerability VCID-u2yw-sybk-uug8
32
vulnerability VCID-uw5p-szmd-8qcm
33
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.0.1-7%252Bsqueeze1
aliases CVE-2009-3720
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4zzy-q5zp-jkgm
4
url VCID-6c4q-2my8-aqbc
vulnerability_id VCID-6c4q-2my8-aqbc
summary 
Uncontrolled Resource Consumption
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5300.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5300.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5300
reference_id
reference_type
scores
0
value 0.02202
scoring_system epss
scoring_elements 0.84428
published_at 2026-04-13T12:55:00Z
1
value 0.02202
scoring_system epss
scoring_elements 0.84419
published_at 2026-04-09T12:55:00Z
2
value 0.02202
scoring_system epss
scoring_elements 0.84437
published_at 2026-04-11T12:55:00Z
3
value 0.02202
scoring_system epss
scoring_elements 0.84432
published_at 2026-04-12T12:55:00Z
4
value 0.02202
scoring_system epss
scoring_elements 0.84356
published_at 2026-04-01T12:55:00Z
5
value 0.02202
scoring_system epss
scoring_elements 0.8437
published_at 2026-04-02T12:55:00Z
6
value 0.02202
scoring_system epss
scoring_elements 0.8439
published_at 2026-04-04T12:55:00Z
7
value 0.02202
scoring_system epss
scoring_elements 0.84393
published_at 2026-04-07T12:55:00Z
8
value 0.02202
scoring_system epss
scoring_elements 0.84414
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5300
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6702
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6702
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5300
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5300
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://kc.mcafee.com/corporate/index?page=content&id=SB10365
reference_id
reference_type
scores
url https://kc.mcafee.com/corporate/index?page=content&id=SB10365
6
reference_url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
8
reference_url https://source.android.com/security/bulletin/2016-11-01.html
reference_id
reference_type
scores
url https://source.android.com/security/bulletin/2016-11-01.html
9
reference_url https://www.tenable.com/security/tns-2016-20
reference_id
reference_type
scores
url https://www.tenable.com/security/tns-2016-20
10
reference_url http://www.debian.org/security/2016/dsa-3597
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3597
11
reference_url http://www.openwall.com/lists/oss-security/2016/06/04/4
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2016/06/04/4
12
reference_url http://www.openwall.com/lists/oss-security/2016/06/04/5
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2016/06/04/5
13
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
14
reference_url http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
15
reference_url http://www.securityfocus.com/bid/91159
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/91159
16
reference_url http://www.ubuntu.com/usn/USN-3010-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-3010-1
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1343085
reference_id 1343085
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1343085
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5300
reference_id CVE-2016-5300
reference_type
scores
0
value 7.8
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:C
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-5300
30
reference_url https://security.gentoo.org/glsa/201701-21
reference_id GLSA-201701-21
reference_type
scores
url https://security.gentoo.org/glsa/201701-21
31
reference_url https://usn.ubuntu.com/3010-1/
reference_id USN-3010-1
reference_type
scores
url https://usn.ubuntu.com/3010-1/
32
reference_url https://usn.ubuntu.com/3013-1/
reference_id USN-3013-1
reference_type
scores
url https://usn.ubuntu.com/3013-1/
fixed_packages
0
url pkg:deb/debian/expat@2.1.0-6%2Bdeb8u4
purl pkg:deb/debian/expat@2.1.0-6%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-3465-gq22-3kfy
2
vulnerability VCID-4c32-p11r-zud5
3
vulnerability VCID-6c4q-2my8-aqbc
4
vulnerability VCID-6pk2-g77j-h3b2
5
vulnerability VCID-7ndj-4zn8-cqa4
6
vulnerability VCID-94fm-s7mp-vfdb
7
vulnerability VCID-96wu-nph4-5yb5
8
vulnerability VCID-9ern-6htc-p7c4
9
vulnerability VCID-cy2n-zexk-jyda
10
vulnerability VCID-d26t-ex9d-x3ev
11
vulnerability VCID-dy3x-vd1y-dbbn
12
vulnerability VCID-gf3f-k2be-67e2
13
vulnerability VCID-gtcn-kyd2-xqdk
14
vulnerability VCID-h5xc-cubs-5fgu
15
vulnerability VCID-k2kp-fv3q-vyh2
16
vulnerability VCID-kp8z-47q5-n7es
17
vulnerability VCID-mddr-7zar-6kfn
18
vulnerability VCID-n7m1-6qrq-auaf
19
vulnerability VCID-naf7-p1jf-z3ds
20
vulnerability VCID-nmh4-zpeh-4bcr
21
vulnerability VCID-nw3z-nwyg-87e5
22
vulnerability VCID-nw7y-2xct-8fa5
23
vulnerability VCID-pba8-g9ts-43bw
24
vulnerability VCID-qcbz-21vm-eqfd
25
vulnerability VCID-r14v-u2r3-rkhz
26
vulnerability VCID-rjbn-1a88-87cj
27
vulnerability VCID-th9f-gg4v-bbbe
28
vulnerability VCID-tt7m-c9zc-1kem
29
vulnerability VCID-u2yw-sybk-uug8
30
vulnerability VCID-uw5p-szmd-8qcm
31
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.1.0-6%252Bdeb8u4
1
url pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3
purl pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-naf7-p1jf-z3ds
15
vulnerability VCID-nmh4-zpeh-4bcr
16
vulnerability VCID-nw3z-nwyg-87e5
17
vulnerability VCID-nw7y-2xct-8fa5
18
vulnerability VCID-pba8-g9ts-43bw
19
vulnerability VCID-r14v-u2r3-rkhz
20
vulnerability VCID-rjbn-1a88-87cj
21
vulnerability VCID-th9f-gg4v-bbbe
22
vulnerability VCID-tt7m-c9zc-1kem
23
vulnerability VCID-u2yw-sybk-uug8
24
vulnerability VCID-uw5p-szmd-8qcm
25
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.0-2%252Bdeb9u3
aliases CVE-2016-5300
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6c4q-2my8-aqbc
5
url VCID-6pk2-g77j-h3b2
vulnerability_id VCID-6pk2-g77j-h3b2
summary An integer overflow during the parsing of XML using the Expat library.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9063.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9063.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9063
reference_id
reference_type
scores
0
value 0.02427
scoring_system epss
scoring_elements 0.85074
published_at 2026-04-01T12:55:00Z
1
value 0.02427
scoring_system epss
scoring_elements 0.85145
published_at 2026-04-13T12:55:00Z
2
value 0.02427
scoring_system epss
scoring_elements 0.85148
published_at 2026-04-12T12:55:00Z
3
value 0.02427
scoring_system epss
scoring_elements 0.85151
published_at 2026-04-11T12:55:00Z
4
value 0.02427
scoring_system epss
scoring_elements 0.85136
published_at 2026-04-09T12:55:00Z
5
value 0.02427
scoring_system epss
scoring_elements 0.85129
published_at 2026-04-08T12:55:00Z
6
value 0.02427
scoring_system epss
scoring_elements 0.85108
published_at 2026-04-07T12:55:00Z
7
value 0.02427
scoring_system epss
scoring_elements 0.85086
published_at 2026-04-02T12:55:00Z
8
value 0.02427
scoring_system epss
scoring_elements 0.85104
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9063
2
reference_url https://bugzilla.mozilla.org/show_bug.cgi?id=1274777
reference_id
reference_type
scores
url https://bugzilla.mozilla.org/show_bug.cgi?id=1274777
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9063
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9063
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://www.debian.org/security/2017/dsa-3898
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3898
6
reference_url https://www.mozilla.org/security/advisories/mfsa2016-89/
reference_id
reference_type
scores
url https://www.mozilla.org/security/advisories/mfsa2016-89/
7
reference_url http://www.securityfocus.com/bid/94337
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94337
8
reference_url http://www.securitytracker.com/id/1037298
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037298
9
reference_url http://www.securitytracker.com/id/1039427
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039427
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1396540
reference_id 1396540
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1396540
11
reference_url https://security.archlinux.org/ASA-201611-16
reference_id ASA-201611-16
reference_type
scores
url https://security.archlinux.org/ASA-201611-16
12
reference_url https://security.archlinux.org/ASA-201706-32
reference_id ASA-201706-32
reference_type
scores
url https://security.archlinux.org/ASA-201706-32
13
reference_url https://security.archlinux.org/ASA-201707-27
reference_id ASA-201707-27
reference_type
scores
url https://security.archlinux.org/ASA-201707-27
14
reference_url https://security.archlinux.org/AVG-305
reference_id AVG-305
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-305
15
reference_url https://security.archlinux.org/AVG-306
reference_id AVG-306
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-306
16
reference_url https://security.archlinux.org/AVG-72
reference_id AVG-72
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-72
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-9063
reference_id CVE-2016-9063
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-9063
23
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2016-89
reference_id mfsa2016-89
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2016-89
24
reference_url https://usn.ubuntu.com/3124-1/
reference_id USN-3124-1
reference_type
scores
url https://usn.ubuntu.com/3124-1/
fixed_packages
0
url pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3
purl pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-naf7-p1jf-z3ds
15
vulnerability VCID-nmh4-zpeh-4bcr
16
vulnerability VCID-nw3z-nwyg-87e5
17
vulnerability VCID-nw7y-2xct-8fa5
18
vulnerability VCID-pba8-g9ts-43bw
19
vulnerability VCID-r14v-u2r3-rkhz
20
vulnerability VCID-rjbn-1a88-87cj
21
vulnerability VCID-th9f-gg4v-bbbe
22
vulnerability VCID-tt7m-c9zc-1kem
23
vulnerability VCID-u2yw-sybk-uug8
24
vulnerability VCID-uw5p-szmd-8qcm
25
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.0-2%252Bdeb9u3
aliases CVE-2016-9063
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6pk2-g77j-h3b2
6
url VCID-7ndj-4zn8-cqa4
vulnerability_id VCID-7ndj-4zn8-cqa4
summary expat: parsing large tokens can trigger a denial of service
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52425.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52425.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-52425
reference_id
reference_type
scores
0
value 0.01552
scoring_system epss
scoring_elements 0.81365
published_at 2026-04-02T12:55:00Z
1
value 0.01552
scoring_system epss
scoring_elements 0.81421
published_at 2026-04-13T12:55:00Z
2
value 0.01552
scoring_system epss
scoring_elements 0.81388
published_at 2026-04-04T12:55:00Z
3
value 0.01552
scoring_system epss
scoring_elements 0.81386
published_at 2026-04-07T12:55:00Z
4
value 0.01552
scoring_system epss
scoring_elements 0.81414
published_at 2026-04-08T12:55:00Z
5
value 0.01552
scoring_system epss
scoring_elements 0.81419
published_at 2026-04-09T12:55:00Z
6
value 0.01552
scoring_system epss
scoring_elements 0.81441
published_at 2026-04-11T12:55:00Z
7
value 0.01552
scoring_system epss
scoring_elements 0.81429
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-52425
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52425
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52425
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063238
reference_id 1063238
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063238
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2262877
reference_id 2262877
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2262877
6
reference_url http://www.openwall.com/lists/oss-security/2024/03/20/5
reference_id 5
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-26T19:20:56Z/
url http://www.openwall.com/lists/oss-security/2024/03/20/5
7
reference_url https://github.com/libexpat/libexpat/pull/789
reference_id 789
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-26T19:20:56Z/
url https://github.com/libexpat/libexpat/pull/789
8
reference_url https://lists.debian.org/debian-lts-announce/2024/04/msg00006.html
reference_id msg00006.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-26T19:20:56Z/
url https://lists.debian.org/debian-lts-announce/2024/04/msg00006.html
9
reference_url https://security.netapp.com/advisory/ntap-20240614-0003/
reference_id ntap-20240614-0003
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-26T19:20:56Z/
url https://security.netapp.com/advisory/ntap-20240614-0003/
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/
reference_id PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-26T19:20:56Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/
11
reference_url https://access.redhat.com/errata/RHSA-2024:1530
reference_id RHSA-2024:1530
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1530
12
reference_url https://access.redhat.com/errata/RHSA-2024:1615
reference_id RHSA-2024:1615
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1615
13
reference_url https://access.redhat.com/errata/RHSA-2024:2575
reference_id RHSA-2024:2575
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2575
14
reference_url https://access.redhat.com/errata/RHSA-2024:2839
reference_id RHSA-2024:2839
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2839
15
reference_url https://access.redhat.com/errata/RHSA-2024:3926
reference_id RHSA-2024:3926
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3926
16
reference_url https://access.redhat.com/errata/RHSA-2024:4259
reference_id RHSA-2024:4259
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4259
17
reference_url https://access.redhat.com/errata/RHSA-2025:22035
reference_id RHSA-2025:22035
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22035
18
reference_url https://access.redhat.com/errata/RHSA-2025:22785
reference_id RHSA-2025:22785
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22785
19
reference_url https://access.redhat.com/errata/RHSA-2025:22871
reference_id RHSA-2025:22871
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22871
20
reference_url https://access.redhat.com/errata/RHSA-2025:3453
reference_id RHSA-2025:3453
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3453
21
reference_url https://usn.ubuntu.com/6694-1/
reference_id USN-6694-1
reference_type
scores
url https://usn.ubuntu.com/6694-1/
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNUBSGZFEZOBHJFTAD42SAN4ATW2VEMV/
reference_id WNUBSGZFEZOBHJFTAD42SAN4ATW2VEMV
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-26T19:20:56Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNUBSGZFEZOBHJFTAD42SAN4ATW2VEMV/
fixed_packages
0
url pkg:deb/debian/expat@2.5.0-1%2Bdeb12u2
purl pkg:deb/debian/expat@2.5.0-1%2Bdeb12u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-77y6-jskt-qucb
1
vulnerability VCID-jqe4-44gw-wbhu
2
vulnerability VCID-nktd-7gph-kkb1
3
vulnerability VCID-qmx9-wkj4-67h3
4
vulnerability VCID-u5pr-wheu-h7c6
5
vulnerability VCID-utz3-ytaf-cbht
6
vulnerability VCID-v41j-xj8s-m7ar
7
vulnerability VCID-yw8s-ezc7-6ub8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.5.0-1%252Bdeb12u2
aliases CVE-2023-52425
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7ndj-4zn8-cqa4
7
url VCID-94fm-s7mp-vfdb
vulnerability_id VCID-94fm-s7mp-vfdb
summary Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23852.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23852.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23852
reference_id
reference_type
scores
0
value 0.01707
scoring_system epss
scoring_elements 0.82313
published_at 2026-04-09T12:55:00Z
1
value 0.01707
scoring_system epss
scoring_elements 0.82265
published_at 2026-04-02T12:55:00Z
2
value 0.01707
scoring_system epss
scoring_elements 0.82321
published_at 2026-04-13T12:55:00Z
3
value 0.01707
scoring_system epss
scoring_elements 0.82326
published_at 2026-04-12T12:55:00Z
4
value 0.01707
scoring_system epss
scoring_elements 0.82332
published_at 2026-04-11T12:55:00Z
5
value 0.01707
scoring_system epss
scoring_elements 0.82284
published_at 2026-04-04T12:55:00Z
6
value 0.01707
scoring_system epss
scoring_elements 0.82279
published_at 2026-04-07T12:55:00Z
7
value 0.01707
scoring_system epss
scoring_elements 0.82306
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23852
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2044613
reference_id 2044613
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2044613
14
reference_url https://github.com/libexpat/libexpat/pull/550
reference_id 550
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:42Z/
url https://github.com/libexpat/libexpat/pull/550
15
reference_url https://www.debian.org/security/2022/dsa-5073
reference_id dsa-5073
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:42Z/
url https://www.debian.org/security/2022/dsa-5073
16
reference_url https://security.gentoo.org/glsa/202209-24
reference_id GLSA-202209-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:42Z/
url https://security.gentoo.org/glsa/202209-24
17
reference_url https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
reference_id msg00007.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:42Z/
url https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
18
reference_url https://security.netapp.com/advisory/ntap-20220217-0001/
reference_id ntap-20220217-0001
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:42Z/
url https://security.netapp.com/advisory/ntap-20220217-0001/
19
reference_url https://access.redhat.com/errata/RHSA-2022:0951
reference_id RHSA-2022:0951
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0951
20
reference_url https://access.redhat.com/errata/RHSA-2022:1069
reference_id RHSA-2022:1069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1069
21
reference_url https://access.redhat.com/errata/RHSA-2022:4834
reference_id RHSA-2022:4834
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4834
22
reference_url https://access.redhat.com/errata/RHSA-2022:7144
reference_id RHSA-2022:7144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7144
23
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
reference_id ssa-484086.pdf
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:42Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
24
reference_url https://www.tenable.com/security/tns-2022-05
reference_id tns-2022-05
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:42Z/
url https://www.tenable.com/security/tns-2022-05
25
reference_url https://usn.ubuntu.com/5288-1/
reference_id USN-5288-1
reference_type
scores
url https://usn.ubuntu.com/5288-1/
fixed_packages
0
url pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
purl pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-nmh4-zpeh-4bcr
15
vulnerability VCID-nw3z-nwyg-87e5
16
vulnerability VCID-nw7y-2xct-8fa5
17
vulnerability VCID-pba8-g9ts-43bw
18
vulnerability VCID-rjbn-1a88-87cj
19
vulnerability VCID-th9f-gg4v-bbbe
20
vulnerability VCID-tt7m-c9zc-1kem
21
vulnerability VCID-u2yw-sybk-uug8
22
vulnerability VCID-uw5p-szmd-8qcm
23
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.6-2%252Bdeb10u4
1
url pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
purl pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fms-7y9v-dfc5
1
vulnerability VCID-77y6-jskt-qucb
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-d26t-ex9d-x3ev
4
vulnerability VCID-gtcn-kyd2-xqdk
5
vulnerability VCID-jqe4-44gw-wbhu
6
vulnerability VCID-k2kp-fv3q-vyh2
7
vulnerability VCID-nguf-68jf-ryaz
8
vulnerability VCID-nktd-7gph-kkb1
9
vulnerability VCID-nw3z-nwyg-87e5
10
vulnerability VCID-qmx9-wkj4-67h3
11
vulnerability VCID-u5pr-wheu-h7c6
12
vulnerability VCID-utz3-ytaf-cbht
13
vulnerability VCID-v41j-xj8s-m7ar
14
vulnerability VCID-yw8s-ezc7-6ub8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.10-2%252Bdeb11u5
aliases CVE-2022-23852
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-94fm-s7mp-vfdb
8
url VCID-96wu-nph4-5yb5
vulnerability_id VCID-96wu-nph4-5yb5
summary 
Multiple vulnerabilities have been found in Expat, the worst of
    which may allow execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6702.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6702.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-6702
reference_id
reference_type
scores
0
value 0.00633
scoring_system epss
scoring_elements 0.70347
published_at 2026-04-13T12:55:00Z
1
value 0.00633
scoring_system epss
scoring_elements 0.70376
published_at 2026-04-11T12:55:00Z
2
value 0.00633
scoring_system epss
scoring_elements 0.70361
published_at 2026-04-12T12:55:00Z
3
value 0.00633
scoring_system epss
scoring_elements 0.70285
published_at 2026-04-01T12:55:00Z
4
value 0.00633
scoring_system epss
scoring_elements 0.70298
published_at 2026-04-02T12:55:00Z
5
value 0.00633
scoring_system epss
scoring_elements 0.70315
published_at 2026-04-04T12:55:00Z
6
value 0.00633
scoring_system epss
scoring_elements 0.70292
published_at 2026-04-07T12:55:00Z
7
value 0.00633
scoring_system epss
scoring_elements 0.70338
published_at 2026-04-08T12:55:00Z
8
value 0.00633
scoring_system epss
scoring_elements 0.70352
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-6702
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6702
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6702
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5300
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5300
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://source.android.com/security/bulletin/2016-11-01.html
reference_id
reference_type
scores
url https://source.android.com/security/bulletin/2016-11-01.html
6
reference_url https://www.tenable.com/security/tns-2016-20
reference_id
reference_type
scores
url https://www.tenable.com/security/tns-2016-20
7
reference_url http://www.debian.org/security/2016/dsa-3597
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3597
8
reference_url http://www.openwall.com/lists/oss-security/2016/06/03/8
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2016/06/03/8
9
reference_url http://www.openwall.com/lists/oss-security/2016/06/04/1
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2016/06/04/1
10
reference_url http://www.securityfocus.com/bid/91483
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/91483
11
reference_url http://www.ubuntu.com/usn/USN-3010-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-3010-1
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1319731
reference_id 1319731
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1319731
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-6702
reference_id CVE-2012-6702
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2012-6702
25
reference_url https://security.gentoo.org/glsa/201701-21
reference_id GLSA-201701-21
reference_type
scores
url https://security.gentoo.org/glsa/201701-21
26
reference_url https://usn.ubuntu.com/3010-1/
reference_id USN-3010-1
reference_type
scores
url https://usn.ubuntu.com/3010-1/
27
reference_url https://usn.ubuntu.com/3013-1/
reference_id USN-3013-1
reference_type
scores
url https://usn.ubuntu.com/3013-1/
fixed_packages
0
url pkg:deb/debian/expat@2.1.0-6%2Bdeb8u4
purl pkg:deb/debian/expat@2.1.0-6%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-3465-gq22-3kfy
2
vulnerability VCID-4c32-p11r-zud5
3
vulnerability VCID-6c4q-2my8-aqbc
4
vulnerability VCID-6pk2-g77j-h3b2
5
vulnerability VCID-7ndj-4zn8-cqa4
6
vulnerability VCID-94fm-s7mp-vfdb
7
vulnerability VCID-96wu-nph4-5yb5
8
vulnerability VCID-9ern-6htc-p7c4
9
vulnerability VCID-cy2n-zexk-jyda
10
vulnerability VCID-d26t-ex9d-x3ev
11
vulnerability VCID-dy3x-vd1y-dbbn
12
vulnerability VCID-gf3f-k2be-67e2
13
vulnerability VCID-gtcn-kyd2-xqdk
14
vulnerability VCID-h5xc-cubs-5fgu
15
vulnerability VCID-k2kp-fv3q-vyh2
16
vulnerability VCID-kp8z-47q5-n7es
17
vulnerability VCID-mddr-7zar-6kfn
18
vulnerability VCID-n7m1-6qrq-auaf
19
vulnerability VCID-naf7-p1jf-z3ds
20
vulnerability VCID-nmh4-zpeh-4bcr
21
vulnerability VCID-nw3z-nwyg-87e5
22
vulnerability VCID-nw7y-2xct-8fa5
23
vulnerability VCID-pba8-g9ts-43bw
24
vulnerability VCID-qcbz-21vm-eqfd
25
vulnerability VCID-r14v-u2r3-rkhz
26
vulnerability VCID-rjbn-1a88-87cj
27
vulnerability VCID-th9f-gg4v-bbbe
28
vulnerability VCID-tt7m-c9zc-1kem
29
vulnerability VCID-u2yw-sybk-uug8
30
vulnerability VCID-uw5p-szmd-8qcm
31
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.1.0-6%252Bdeb8u4
1
url pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3
purl pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-naf7-p1jf-z3ds
15
vulnerability VCID-nmh4-zpeh-4bcr
16
vulnerability VCID-nw3z-nwyg-87e5
17
vulnerability VCID-nw7y-2xct-8fa5
18
vulnerability VCID-pba8-g9ts-43bw
19
vulnerability VCID-r14v-u2r3-rkhz
20
vulnerability VCID-rjbn-1a88-87cj
21
vulnerability VCID-th9f-gg4v-bbbe
22
vulnerability VCID-tt7m-c9zc-1kem
23
vulnerability VCID-u2yw-sybk-uug8
24
vulnerability VCID-uw5p-szmd-8qcm
25
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.0-2%252Bdeb9u3
aliases CVE-2012-6702
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-96wu-nph4-5yb5
9
url VCID-9ern-6htc-p7c4
vulnerability_id VCID-9ern-6htc-p7c4
summary Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22826.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22826.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-22826
reference_id
reference_type
scores
0
value 0.00206
scoring_system epss
scoring_elements 0.42703
published_at 2026-04-02T12:55:00Z
1
value 0.00206
scoring_system epss
scoring_elements 0.42731
published_at 2026-04-04T12:55:00Z
2
value 0.00206
scoring_system epss
scoring_elements 0.42671
published_at 2026-04-07T12:55:00Z
3
value 0.00206
scoring_system epss
scoring_elements 0.42722
published_at 2026-04-12T12:55:00Z
4
value 0.00206
scoring_system epss
scoring_elements 0.42736
published_at 2026-04-09T12:55:00Z
5
value 0.00206
scoring_system epss
scoring_elements 0.42757
published_at 2026-04-11T12:55:00Z
6
value 0.00206
scoring_system epss
scoring_elements 0.42705
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-22826
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003474
reference_id 1003474
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003474
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2044484
reference_id 2044484
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2044484
15
reference_url https://security.gentoo.org/glsa/202209-24
reference_id GLSA-202209-24
reference_type
scores
url https://security.gentoo.org/glsa/202209-24
16
reference_url https://access.redhat.com/errata/RHSA-2022:0951
reference_id RHSA-2022:0951
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0951
17
reference_url https://access.redhat.com/errata/RHSA-2022:1069
reference_id RHSA-2022:1069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1069
18
reference_url https://access.redhat.com/errata/RHSA-2022:7144
reference_id RHSA-2022:7144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7144
19
reference_url https://access.redhat.com/errata/RHSA-2022:7692
reference_id RHSA-2022:7692
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7692
20
reference_url https://access.redhat.com/errata/RHSA-2025:22785
reference_id RHSA-2025:22785
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22785
21
reference_url https://access.redhat.com/errata/RHSA-2025:22871
reference_id RHSA-2025:22871
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22871
22
reference_url https://usn.ubuntu.com/5288-1/
reference_id USN-5288-1
reference_type
scores
url https://usn.ubuntu.com/5288-1/
23
reference_url https://usn.ubuntu.com/7199-1/
reference_id USN-7199-1
reference_type
scores
url https://usn.ubuntu.com/7199-1/
24
reference_url https://usn.ubuntu.com/USN-5455-1/
reference_id USN-USN-5455-1
reference_type
scores
url https://usn.ubuntu.com/USN-5455-1/
fixed_packages
0
url pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
purl pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-nmh4-zpeh-4bcr
15
vulnerability VCID-nw3z-nwyg-87e5
16
vulnerability VCID-nw7y-2xct-8fa5
17
vulnerability VCID-pba8-g9ts-43bw
18
vulnerability VCID-rjbn-1a88-87cj
19
vulnerability VCID-th9f-gg4v-bbbe
20
vulnerability VCID-tt7m-c9zc-1kem
21
vulnerability VCID-u2yw-sybk-uug8
22
vulnerability VCID-uw5p-szmd-8qcm
23
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.6-2%252Bdeb10u4
1
url pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
purl pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fms-7y9v-dfc5
1
vulnerability VCID-77y6-jskt-qucb
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-d26t-ex9d-x3ev
4
vulnerability VCID-gtcn-kyd2-xqdk
5
vulnerability VCID-jqe4-44gw-wbhu
6
vulnerability VCID-k2kp-fv3q-vyh2
7
vulnerability VCID-nguf-68jf-ryaz
8
vulnerability VCID-nktd-7gph-kkb1
9
vulnerability VCID-nw3z-nwyg-87e5
10
vulnerability VCID-qmx9-wkj4-67h3
11
vulnerability VCID-u5pr-wheu-h7c6
12
vulnerability VCID-utz3-ytaf-cbht
13
vulnerability VCID-v41j-xj8s-m7ar
14
vulnerability VCID-yw8s-ezc7-6ub8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.10-2%252Bdeb11u5
aliases CVE-2022-22826
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9ern-6htc-p7c4
10
url VCID-cy2n-zexk-jyda
vulnerability_id VCID-cy2n-zexk-jyda
summary Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25315.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25315.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-25315
reference_id
reference_type
scores
0
value 0.07704
scoring_system epss
scoring_elements 0.91915
published_at 2026-04-08T12:55:00Z
1
value 0.07704
scoring_system epss
scoring_elements 0.91888
published_at 2026-04-02T12:55:00Z
2
value 0.07704
scoring_system epss
scoring_elements 0.9192
published_at 2026-04-13T12:55:00Z
3
value 0.07704
scoring_system epss
scoring_elements 0.91923
published_at 2026-04-12T12:55:00Z
4
value 0.07704
scoring_system epss
scoring_elements 0.91924
published_at 2026-04-11T12:55:00Z
5
value 0.07704
scoring_system epss
scoring_elements 0.91921
published_at 2026-04-09T12:55:00Z
6
value 0.07704
scoring_system epss
scoring_elements 0.91896
published_at 2026-04-04T12:55:00Z
7
value 0.07704
scoring_system epss
scoring_elements 0.91903
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-25315
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url http://www.openwall.com/lists/oss-security/2022/02/19/1
reference_id 1
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:38Z/
url http://www.openwall.com/lists/oss-security/2022/02/19/1
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2056363
reference_id 2056363
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2056363
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
reference_id 3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:38Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
11
reference_url https://github.com/libexpat/libexpat/pull/559
reference_id 559
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:38Z/
url https://github.com/libexpat/libexpat/pull/559
12
reference_url https://www.debian.org/security/2022/dsa-5085
reference_id dsa-5085
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:38Z/
url https://www.debian.org/security/2022/dsa-5085
13
reference_url https://security.gentoo.org/glsa/202209-24
reference_id GLSA-202209-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:38Z/
url https://security.gentoo.org/glsa/202209-24
14
reference_url https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
reference_id msg00007.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:38Z/
url https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
15
reference_url https://security.netapp.com/advisory/ntap-20220303-0008/
reference_id ntap-20220303-0008
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:38Z/
url https://security.netapp.com/advisory/ntap-20220303-0008/
16
reference_url https://access.redhat.com/errata/RHSA-2022:0815
reference_id RHSA-2022:0815
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0815
17
reference_url https://access.redhat.com/errata/RHSA-2022:0816
reference_id RHSA-2022:0816
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0816
18
reference_url https://access.redhat.com/errata/RHSA-2022:0817
reference_id RHSA-2022:0817
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0817
19
reference_url https://access.redhat.com/errata/RHSA-2022:0818
reference_id RHSA-2022:0818
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0818
20
reference_url https://access.redhat.com/errata/RHSA-2022:0824
reference_id RHSA-2022:0824
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0824
21
reference_url https://access.redhat.com/errata/RHSA-2022:0843
reference_id RHSA-2022:0843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0843
22
reference_url https://access.redhat.com/errata/RHSA-2022:0845
reference_id RHSA-2022:0845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0845
23
reference_url https://access.redhat.com/errata/RHSA-2022:0847
reference_id RHSA-2022:0847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0847
24
reference_url https://access.redhat.com/errata/RHSA-2022:0850
reference_id RHSA-2022:0850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0850
25
reference_url https://access.redhat.com/errata/RHSA-2022:0853
reference_id RHSA-2022:0853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0853
26
reference_url https://access.redhat.com/errata/RHSA-2022:0951
reference_id RHSA-2022:0951
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0951
27
reference_url https://access.redhat.com/errata/RHSA-2022:1012
reference_id RHSA-2022:1012
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1012
28
reference_url https://access.redhat.com/errata/RHSA-2022:1053
reference_id RHSA-2022:1053
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1053
29
reference_url https://access.redhat.com/errata/RHSA-2022:1068
reference_id RHSA-2022:1068
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1068
30
reference_url https://access.redhat.com/errata/RHSA-2022:1069
reference_id RHSA-2022:1069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1069
31
reference_url https://access.redhat.com/errata/RHSA-2022:1070
reference_id RHSA-2022:1070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1070
32
reference_url https://access.redhat.com/errata/RHSA-2022:1263
reference_id RHSA-2022:1263
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1263
33
reference_url https://access.redhat.com/errata/RHSA-2022:1309
reference_id RHSA-2022:1309
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1309
34
reference_url https://access.redhat.com/errata/RHSA-2022:7144
reference_id RHSA-2022:7144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7144
35
reference_url https://access.redhat.com/errata/RHSA-2022:7811
reference_id RHSA-2022:7811
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7811
36
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
reference_id ssa-484086.pdf
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:38Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
37
reference_url https://usn.ubuntu.com/5320-1/
reference_id USN-5320-1
reference_type
scores
url https://usn.ubuntu.com/5320-1/
38
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
reference_id Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:31:38Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
fixed_packages
0
url pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
purl pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-nmh4-zpeh-4bcr
15
vulnerability VCID-nw3z-nwyg-87e5
16
vulnerability VCID-nw7y-2xct-8fa5
17
vulnerability VCID-pba8-g9ts-43bw
18
vulnerability VCID-rjbn-1a88-87cj
19
vulnerability VCID-th9f-gg4v-bbbe
20
vulnerability VCID-tt7m-c9zc-1kem
21
vulnerability VCID-u2yw-sybk-uug8
22
vulnerability VCID-uw5p-szmd-8qcm
23
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.6-2%252Bdeb10u4
1
url pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
purl pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fms-7y9v-dfc5
1
vulnerability VCID-77y6-jskt-qucb
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-d26t-ex9d-x3ev
4
vulnerability VCID-gtcn-kyd2-xqdk
5
vulnerability VCID-jqe4-44gw-wbhu
6
vulnerability VCID-k2kp-fv3q-vyh2
7
vulnerability VCID-nguf-68jf-ryaz
8
vulnerability VCID-nktd-7gph-kkb1
9
vulnerability VCID-nw3z-nwyg-87e5
10
vulnerability VCID-qmx9-wkj4-67h3
11
vulnerability VCID-u5pr-wheu-h7c6
12
vulnerability VCID-utz3-ytaf-cbht
13
vulnerability VCID-v41j-xj8s-m7ar
14
vulnerability VCID-yw8s-ezc7-6ub8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.10-2%252Bdeb11u5
aliases CVE-2022-25315
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cy2n-zexk-jyda
11
url VCID-d26t-ex9d-x3ev
vulnerability_id VCID-d26t-ex9d-x3ev
summary Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45491.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45491.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-45491
reference_id
reference_type
scores
0
value 0.00596
scoring_system epss
scoring_elements 0.69351
published_at 2026-04-13T12:55:00Z
1
value 0.00596
scoring_system epss
scoring_elements 0.69291
published_at 2026-04-07T12:55:00Z
2
value 0.00596
scoring_system epss
scoring_elements 0.69341
published_at 2026-04-08T12:55:00Z
3
value 0.00596
scoring_system epss
scoring_elements 0.69358
published_at 2026-04-09T12:55:00Z
4
value 0.00596
scoring_system epss
scoring_elements 0.6938
published_at 2026-04-11T12:55:00Z
5
value 0.00596
scoring_system epss
scoring_elements 0.69364
published_at 2026-04-12T12:55:00Z
6
value 0.00596
scoring_system epss
scoring_elements 0.69293
published_at 2026-04-02T12:55:00Z
7
value 0.00596
scoring_system epss
scoring_elements 0.69311
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-45491
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45491
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45491
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1080150
reference_id 1080150
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1080150
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2308616
reference_id 2308616
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2308616
6
reference_url https://github.com/libexpat/libexpat/issues/888
reference_id 888
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-30T13:53:48Z/
url https://github.com/libexpat/libexpat/issues/888
7
reference_url https://github.com/libexpat/libexpat/pull/891
reference_id 891
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-30T13:53:48Z/
url https://github.com/libexpat/libexpat/pull/891
8
reference_url https://security.gentoo.org/glsa/202501-09
reference_id GLSA-202501-09
reference_type
scores
url https://security.gentoo.org/glsa/202501-09
9
reference_url https://access.redhat.com/errata/RHSA-2024:10135
reference_id RHSA-2024:10135
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10135
10
reference_url https://access.redhat.com/errata/RHSA-2024:11109
reference_id RHSA-2024:11109
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:11109
11
reference_url https://access.redhat.com/errata/RHSA-2024:6754
reference_id RHSA-2024:6754
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6754
12
reference_url https://access.redhat.com/errata/RHSA-2024:6989
reference_id RHSA-2024:6989
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6989
13
reference_url https://access.redhat.com/errata/RHSA-2024:7213
reference_id RHSA-2024:7213
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7213
14
reference_url https://access.redhat.com/errata/RHSA-2024:7599
reference_id RHSA-2024:7599
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7599
15
reference_url https://access.redhat.com/errata/RHSA-2024:8859
reference_id RHSA-2024:8859
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8859
16
reference_url https://access.redhat.com/errata/RHSA-2024:9610
reference_id RHSA-2024:9610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:9610
17
reference_url https://usn.ubuntu.com/7000-1/
reference_id USN-7000-1
reference_type
scores
url https://usn.ubuntu.com/7000-1/
18
reference_url https://usn.ubuntu.com/7000-2/
reference_id USN-7000-2
reference_type
scores
url https://usn.ubuntu.com/7000-2/
19
reference_url https://usn.ubuntu.com/7001-1/
reference_id USN-7001-1
reference_type
scores
url https://usn.ubuntu.com/7001-1/
20
reference_url https://usn.ubuntu.com/7001-2/
reference_id USN-7001-2
reference_type
scores
url https://usn.ubuntu.com/7001-2/
fixed_packages
0
url pkg:deb/debian/expat@2.5.0-1%2Bdeb12u2
purl pkg:deb/debian/expat@2.5.0-1%2Bdeb12u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-77y6-jskt-qucb
1
vulnerability VCID-jqe4-44gw-wbhu
2
vulnerability VCID-nktd-7gph-kkb1
3
vulnerability VCID-qmx9-wkj4-67h3
4
vulnerability VCID-u5pr-wheu-h7c6
5
vulnerability VCID-utz3-ytaf-cbht
6
vulnerability VCID-v41j-xj8s-m7ar
7
vulnerability VCID-yw8s-ezc7-6ub8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.5.0-1%252Bdeb12u2
aliases CVE-2024-45491
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d26t-ex9d-x3ev
12
url VCID-dy3x-vd1y-dbbn
vulnerability_id VCID-dy3x-vd1y-dbbn
summary Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22825.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22825.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-22825
reference_id
reference_type
scores
0
value 0.00206
scoring_system epss
scoring_elements 0.42703
published_at 2026-04-02T12:55:00Z
1
value 0.00206
scoring_system epss
scoring_elements 0.42731
published_at 2026-04-04T12:55:00Z
2
value 0.00206
scoring_system epss
scoring_elements 0.42671
published_at 2026-04-07T12:55:00Z
3
value 0.00206
scoring_system epss
scoring_elements 0.42722
published_at 2026-04-12T12:55:00Z
4
value 0.00206
scoring_system epss
scoring_elements 0.42736
published_at 2026-04-09T12:55:00Z
5
value 0.00206
scoring_system epss
scoring_elements 0.42757
published_at 2026-04-11T12:55:00Z
6
value 0.00206
scoring_system epss
scoring_elements 0.42705
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-22825
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003474
reference_id 1003474
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003474
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2044479
reference_id 2044479
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2044479
15
reference_url https://security.gentoo.org/glsa/202209-24
reference_id GLSA-202209-24
reference_type
scores
url https://security.gentoo.org/glsa/202209-24
16
reference_url https://access.redhat.com/errata/RHSA-2022:0951
reference_id RHSA-2022:0951
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0951
17
reference_url https://access.redhat.com/errata/RHSA-2022:1069
reference_id RHSA-2022:1069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1069
18
reference_url https://access.redhat.com/errata/RHSA-2022:7144
reference_id RHSA-2022:7144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7144
19
reference_url https://access.redhat.com/errata/RHSA-2022:7692
reference_id RHSA-2022:7692
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7692
20
reference_url https://access.redhat.com/errata/RHSA-2025:22785
reference_id RHSA-2025:22785
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22785
21
reference_url https://access.redhat.com/errata/RHSA-2025:22871
reference_id RHSA-2025:22871
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22871
22
reference_url https://usn.ubuntu.com/5288-1/
reference_id USN-5288-1
reference_type
scores
url https://usn.ubuntu.com/5288-1/
23
reference_url https://usn.ubuntu.com/7199-1/
reference_id USN-7199-1
reference_type
scores
url https://usn.ubuntu.com/7199-1/
24
reference_url https://usn.ubuntu.com/USN-5455-1/
reference_id USN-USN-5455-1
reference_type
scores
url https://usn.ubuntu.com/USN-5455-1/
fixed_packages
0
url pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
purl pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-nmh4-zpeh-4bcr
15
vulnerability VCID-nw3z-nwyg-87e5
16
vulnerability VCID-nw7y-2xct-8fa5
17
vulnerability VCID-pba8-g9ts-43bw
18
vulnerability VCID-rjbn-1a88-87cj
19
vulnerability VCID-th9f-gg4v-bbbe
20
vulnerability VCID-tt7m-c9zc-1kem
21
vulnerability VCID-u2yw-sybk-uug8
22
vulnerability VCID-uw5p-szmd-8qcm
23
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.6-2%252Bdeb10u4
1
url pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
purl pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fms-7y9v-dfc5
1
vulnerability VCID-77y6-jskt-qucb
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-d26t-ex9d-x3ev
4
vulnerability VCID-gtcn-kyd2-xqdk
5
vulnerability VCID-jqe4-44gw-wbhu
6
vulnerability VCID-k2kp-fv3q-vyh2
7
vulnerability VCID-nguf-68jf-ryaz
8
vulnerability VCID-nktd-7gph-kkb1
9
vulnerability VCID-nw3z-nwyg-87e5
10
vulnerability VCID-qmx9-wkj4-67h3
11
vulnerability VCID-u5pr-wheu-h7c6
12
vulnerability VCID-utz3-ytaf-cbht
13
vulnerability VCID-v41j-xj8s-m7ar
14
vulnerability VCID-yw8s-ezc7-6ub8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.10-2%252Bdeb11u5
aliases CVE-2022-22825
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dy3x-vd1y-dbbn
13
url VCID-e742-j1bw-jbbh
vulnerability_id VCID-e742-j1bw-jbbh
summary 
Multiple vulnerabilities have been found in Expat, possibly
    resulting in Denial of Service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1148.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1148.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1148
reference_id
reference_type
scores
0
value 0.01289
scoring_system epss
scoring_elements 0.79597
published_at 2026-04-01T12:55:00Z
1
value 0.01289
scoring_system epss
scoring_elements 0.79603
published_at 2026-04-02T12:55:00Z
2
value 0.01289
scoring_system epss
scoring_elements 0.79626
published_at 2026-04-04T12:55:00Z
3
value 0.01317
scoring_system epss
scoring_elements 0.79821
published_at 2026-04-07T12:55:00Z
4
value 0.01317
scoring_system epss
scoring_elements 0.7985
published_at 2026-04-08T12:55:00Z
5
value 0.01317
scoring_system epss
scoring_elements 0.79858
published_at 2026-04-09T12:55:00Z
6
value 0.01317
scoring_system epss
scoring_elements 0.7988
published_at 2026-04-11T12:55:00Z
7
value 0.01317
scoring_system epss
scoring_elements 0.79863
published_at 2026-04-12T12:55:00Z
8
value 0.01317
scoring_system epss
scoring_elements 0.79855
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1148
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1148
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1148
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=663579
reference_id 663579
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=663579
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687672
reference_id 687672
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687672
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=801648
reference_id 801648
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=801648
6
reference_url https://security.gentoo.org/glsa/201209-06
reference_id GLSA-201209-06
reference_type
scores
url https://security.gentoo.org/glsa/201209-06
7
reference_url https://access.redhat.com/errata/RHSA-2012:0731
reference_id RHSA-2012:0731
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0731
8
reference_url https://access.redhat.com/errata/RHSA-2016:2957
reference_id RHSA-2016:2957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2957
9
reference_url https://usn.ubuntu.com/1527-1/
reference_id USN-1527-1
reference_type
scores
url https://usn.ubuntu.com/1527-1/
10
reference_url https://usn.ubuntu.com/1527-2/
reference_id USN-1527-2
reference_type
scores
url https://usn.ubuntu.com/1527-2/
11
reference_url https://usn.ubuntu.com/1613-1/
reference_id USN-1613-1
reference_type
scores
url https://usn.ubuntu.com/1613-1/
12
reference_url https://usn.ubuntu.com/1613-2/
reference_id USN-1613-2
reference_type
scores
url https://usn.ubuntu.com/1613-2/
13
reference_url https://usn.ubuntu.com/7307-1/
reference_id USN-7307-1
reference_type
scores
url https://usn.ubuntu.com/7307-1/
14
reference_url https://usn.ubuntu.com/USN-5455-1/
reference_id USN-USN-5455-1
reference_type
scores
url https://usn.ubuntu.com/USN-5455-1/
fixed_packages
0
url pkg:deb/debian/expat@2.1.0-1%2Bdeb7u2
purl pkg:deb/debian/expat@2.1.0-1%2Bdeb7u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-3465-gq22-3kfy
2
vulnerability VCID-4c32-p11r-zud5
3
vulnerability VCID-6c4q-2my8-aqbc
4
vulnerability VCID-6pk2-g77j-h3b2
5
vulnerability VCID-7ndj-4zn8-cqa4
6
vulnerability VCID-94fm-s7mp-vfdb
7
vulnerability VCID-96wu-nph4-5yb5
8
vulnerability VCID-9ern-6htc-p7c4
9
vulnerability VCID-cy2n-zexk-jyda
10
vulnerability VCID-d26t-ex9d-x3ev
11
vulnerability VCID-dy3x-vd1y-dbbn
12
vulnerability VCID-gf3f-k2be-67e2
13
vulnerability VCID-gtcn-kyd2-xqdk
14
vulnerability VCID-h5xc-cubs-5fgu
15
vulnerability VCID-k2kp-fv3q-vyh2
16
vulnerability VCID-kp8z-47q5-n7es
17
vulnerability VCID-mddr-7zar-6kfn
18
vulnerability VCID-n7m1-6qrq-auaf
19
vulnerability VCID-naf7-p1jf-z3ds
20
vulnerability VCID-nmh4-zpeh-4bcr
21
vulnerability VCID-nw3z-nwyg-87e5
22
vulnerability VCID-nw7y-2xct-8fa5
23
vulnerability VCID-pba8-g9ts-43bw
24
vulnerability VCID-qcbz-21vm-eqfd
25
vulnerability VCID-r14v-u2r3-rkhz
26
vulnerability VCID-rjbn-1a88-87cj
27
vulnerability VCID-th9f-gg4v-bbbe
28
vulnerability VCID-tt7m-c9zc-1kem
29
vulnerability VCID-u2yw-sybk-uug8
30
vulnerability VCID-uw5p-szmd-8qcm
31
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.1.0-1%252Bdeb7u2
aliases CVE-2012-1148
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e742-j1bw-jbbh
14
url VCID-gf3f-k2be-67e2
vulnerability_id VCID-gf3f-k2be-67e2
summary Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22824.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22824.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-22824
reference_id
reference_type
scores
0
value 0.00431
scoring_system epss
scoring_elements 0.62534
published_at 2026-04-02T12:55:00Z
1
value 0.00431
scoring_system epss
scoring_elements 0.62566
published_at 2026-04-04T12:55:00Z
2
value 0.00431
scoring_system epss
scoring_elements 0.62532
published_at 2026-04-07T12:55:00Z
3
value 0.00431
scoring_system epss
scoring_elements 0.62583
published_at 2026-04-13T12:55:00Z
4
value 0.00431
scoring_system epss
scoring_elements 0.62599
published_at 2026-04-09T12:55:00Z
5
value 0.00431
scoring_system epss
scoring_elements 0.62617
published_at 2026-04-11T12:55:00Z
6
value 0.00431
scoring_system epss
scoring_elements 0.62606
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-22824
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003474
reference_id 1003474
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003474
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2044467
reference_id 2044467
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2044467
15
reference_url https://security.gentoo.org/glsa/202209-24
reference_id GLSA-202209-24
reference_type
scores
url https://security.gentoo.org/glsa/202209-24
16
reference_url https://access.redhat.com/errata/RHSA-2022:0818
reference_id RHSA-2022:0818
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0818
17
reference_url https://access.redhat.com/errata/RHSA-2022:0824
reference_id RHSA-2022:0824
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0824
18
reference_url https://access.redhat.com/errata/RHSA-2022:0845
reference_id RHSA-2022:0845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0845
19
reference_url https://access.redhat.com/errata/RHSA-2022:0850
reference_id RHSA-2022:0850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0850
20
reference_url https://access.redhat.com/errata/RHSA-2022:0951
reference_id RHSA-2022:0951
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0951
21
reference_url https://access.redhat.com/errata/RHSA-2022:1069
reference_id RHSA-2022:1069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1069
22
reference_url https://access.redhat.com/errata/RHSA-2022:7144
reference_id RHSA-2022:7144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7144
23
reference_url https://access.redhat.com/errata/RHSA-2022:7692
reference_id RHSA-2022:7692
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7692
24
reference_url https://access.redhat.com/errata/RHSA-2025:22785
reference_id RHSA-2025:22785
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22785
25
reference_url https://access.redhat.com/errata/RHSA-2025:22871
reference_id RHSA-2025:22871
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22871
26
reference_url https://usn.ubuntu.com/5288-1/
reference_id USN-5288-1
reference_type
scores
url https://usn.ubuntu.com/5288-1/
27
reference_url https://usn.ubuntu.com/7199-1/
reference_id USN-7199-1
reference_type
scores
url https://usn.ubuntu.com/7199-1/
28
reference_url https://usn.ubuntu.com/USN-5455-1/
reference_id USN-USN-5455-1
reference_type
scores
url https://usn.ubuntu.com/USN-5455-1/
fixed_packages
0
url pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
purl pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-nmh4-zpeh-4bcr
15
vulnerability VCID-nw3z-nwyg-87e5
16
vulnerability VCID-nw7y-2xct-8fa5
17
vulnerability VCID-pba8-g9ts-43bw
18
vulnerability VCID-rjbn-1a88-87cj
19
vulnerability VCID-th9f-gg4v-bbbe
20
vulnerability VCID-tt7m-c9zc-1kem
21
vulnerability VCID-u2yw-sybk-uug8
22
vulnerability VCID-uw5p-szmd-8qcm
23
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.6-2%252Bdeb10u4
1
url pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
purl pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fms-7y9v-dfc5
1
vulnerability VCID-77y6-jskt-qucb
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-d26t-ex9d-x3ev
4
vulnerability VCID-gtcn-kyd2-xqdk
5
vulnerability VCID-jqe4-44gw-wbhu
6
vulnerability VCID-k2kp-fv3q-vyh2
7
vulnerability VCID-nguf-68jf-ryaz
8
vulnerability VCID-nktd-7gph-kkb1
9
vulnerability VCID-nw3z-nwyg-87e5
10
vulnerability VCID-qmx9-wkj4-67h3
11
vulnerability VCID-u5pr-wheu-h7c6
12
vulnerability VCID-utz3-ytaf-cbht
13
vulnerability VCID-v41j-xj8s-m7ar
14
vulnerability VCID-yw8s-ezc7-6ub8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.10-2%252Bdeb11u5
aliases CVE-2022-22824
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gf3f-k2be-67e2
15
url VCID-gtcn-kyd2-xqdk
vulnerability_id VCID-gtcn-kyd2-xqdk
summary Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45490.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45490.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-45490
reference_id
reference_type
scores
0
value 0.00526
scoring_system epss
scoring_elements 0.67016
published_at 2026-04-13T12:55:00Z
1
value 0.00526
scoring_system epss
scoring_elements 0.6698
published_at 2026-04-07T12:55:00Z
2
value 0.00526
scoring_system epss
scoring_elements 0.6703
published_at 2026-04-08T12:55:00Z
3
value 0.00526
scoring_system epss
scoring_elements 0.67042
published_at 2026-04-09T12:55:00Z
4
value 0.00526
scoring_system epss
scoring_elements 0.67062
published_at 2026-04-11T12:55:00Z
5
value 0.00526
scoring_system epss
scoring_elements 0.67048
published_at 2026-04-12T12:55:00Z
6
value 0.00526
scoring_system epss
scoring_elements 0.66982
published_at 2026-04-02T12:55:00Z
7
value 0.00526
scoring_system epss
scoring_elements 0.67006
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-45490
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45490
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45490
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1080149
reference_id 1080149
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1080149
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2308615
reference_id 2308615
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2308615
6
reference_url https://github.com/libexpat/libexpat/issues/887
reference_id 887
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-30T18:17:03Z/
url https://github.com/libexpat/libexpat/issues/887
7
reference_url https://github.com/libexpat/libexpat/pull/890
reference_id 890
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-30T18:17:03Z/
url https://github.com/libexpat/libexpat/pull/890
8
reference_url https://security.gentoo.org/glsa/202501-09
reference_id GLSA-202501-09
reference_type
scores
url https://security.gentoo.org/glsa/202501-09
9
reference_url https://access.redhat.com/errata/RHSA-2024:10135
reference_id RHSA-2024:10135
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10135
10
reference_url https://access.redhat.com/errata/RHSA-2024:11109
reference_id RHSA-2024:11109
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:11109
11
reference_url https://access.redhat.com/errata/RHSA-2024:6754
reference_id RHSA-2024:6754
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6754
12
reference_url https://access.redhat.com/errata/RHSA-2024:6989
reference_id RHSA-2024:6989
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6989
13
reference_url https://access.redhat.com/errata/RHSA-2024:7213
reference_id RHSA-2024:7213
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7213
14
reference_url https://access.redhat.com/errata/RHSA-2024:7599
reference_id RHSA-2024:7599
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7599
15
reference_url https://access.redhat.com/errata/RHSA-2024:9610
reference_id RHSA-2024:9610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:9610
16
reference_url https://access.redhat.com/errata/RHSA-2025:3453
reference_id RHSA-2025:3453
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3453
17
reference_url https://usn.ubuntu.com/7000-1/
reference_id USN-7000-1
reference_type
scores
url https://usn.ubuntu.com/7000-1/
18
reference_url https://usn.ubuntu.com/7000-2/
reference_id USN-7000-2
reference_type
scores
url https://usn.ubuntu.com/7000-2/
19
reference_url https://usn.ubuntu.com/7001-1/
reference_id USN-7001-1
reference_type
scores
url https://usn.ubuntu.com/7001-1/
20
reference_url https://usn.ubuntu.com/7001-2/
reference_id USN-7001-2
reference_type
scores
url https://usn.ubuntu.com/7001-2/
fixed_packages
0
url pkg:deb/debian/expat@2.5.0-1%2Bdeb12u2
purl pkg:deb/debian/expat@2.5.0-1%2Bdeb12u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-77y6-jskt-qucb
1
vulnerability VCID-jqe4-44gw-wbhu
2
vulnerability VCID-nktd-7gph-kkb1
3
vulnerability VCID-qmx9-wkj4-67h3
4
vulnerability VCID-u5pr-wheu-h7c6
5
vulnerability VCID-utz3-ytaf-cbht
6
vulnerability VCID-v41j-xj8s-m7ar
7
vulnerability VCID-yw8s-ezc7-6ub8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.5.0-1%252Bdeb12u2
aliases CVE-2024-45490
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gtcn-kyd2-xqdk
16
url VCID-h5xc-cubs-5fgu
vulnerability_id VCID-h5xc-cubs-5fgu
summary 
Multiple vulnerabilities have been found in Expat, the worst of
    which may allow execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4472.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4472.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4472
reference_id
reference_type
scores
0
value 0.02271
scoring_system epss
scoring_elements 0.84645
published_at 2026-04-13T12:55:00Z
1
value 0.02271
scoring_system epss
scoring_elements 0.84654
published_at 2026-04-11T12:55:00Z
2
value 0.02271
scoring_system epss
scoring_elements 0.84649
published_at 2026-04-12T12:55:00Z
3
value 0.02271
scoring_system epss
scoring_elements 0.8457
published_at 2026-04-01T12:55:00Z
4
value 0.02271
scoring_system epss
scoring_elements 0.84584
published_at 2026-04-02T12:55:00Z
5
value 0.02271
scoring_system epss
scoring_elements 0.84605
published_at 2026-04-04T12:55:00Z
6
value 0.02271
scoring_system epss
scoring_elements 0.84607
published_at 2026-04-07T12:55:00Z
7
value 0.02271
scoring_system epss
scoring_elements 0.84629
published_at 2026-04-08T12:55:00Z
8
value 0.02271
scoring_system epss
scoring_elements 0.84635
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4472
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4472
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4472
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://kc.mcafee.com/corporate/index?page=content&id=SB10365
reference_id
reference_type
scores
url https://kc.mcafee.com/corporate/index?page=content&id=SB10365
5
reference_url https://sourceforge.net/p/expat/code_git/ci/f0bec73b018caa07d3e75ec8dd967f3785d71bde
reference_id
reference_type
scores
url https://sourceforge.net/p/expat/code_git/ci/f0bec73b018caa07d3e75ec8dd967f3785d71bde
6
reference_url https://www.tenable.com/security/tns-2016-20
reference_id
reference_type
scores
url https://www.tenable.com/security/tns-2016-20
7
reference_url http://www.securityfocus.com/bid/91528
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/91528
8
reference_url http://www.ubuntu.com/usn/USN-3013-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-3013-1
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1344251
reference_id 1344251
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1344251
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:policy_auditor:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:mcafee:policy_auditor:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mcafee:policy_auditor:*:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-4472
reference_id CVE-2016-4472
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-4472
15
reference_url https://security.gentoo.org/glsa/201701-21
reference_id GLSA-201701-21
reference_type
scores
url https://security.gentoo.org/glsa/201701-21
16
reference_url https://usn.ubuntu.com/3013-1/
reference_id USN-3013-1
reference_type
scores
url https://usn.ubuntu.com/3013-1/
17
reference_url https://usn.ubuntu.com/7199-1/
reference_id USN-7199-1
reference_type
scores
url https://usn.ubuntu.com/7199-1/
18
reference_url https://usn.ubuntu.com/USN-5455-1/
reference_id USN-USN-5455-1
reference_type
scores
url https://usn.ubuntu.com/USN-5455-1/
fixed_packages
0
url pkg:deb/debian/expat@2.1.0-6%2Bdeb8u4
purl pkg:deb/debian/expat@2.1.0-6%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-3465-gq22-3kfy
2
vulnerability VCID-4c32-p11r-zud5
3
vulnerability VCID-6c4q-2my8-aqbc
4
vulnerability VCID-6pk2-g77j-h3b2
5
vulnerability VCID-7ndj-4zn8-cqa4
6
vulnerability VCID-94fm-s7mp-vfdb
7
vulnerability VCID-96wu-nph4-5yb5
8
vulnerability VCID-9ern-6htc-p7c4
9
vulnerability VCID-cy2n-zexk-jyda
10
vulnerability VCID-d26t-ex9d-x3ev
11
vulnerability VCID-dy3x-vd1y-dbbn
12
vulnerability VCID-gf3f-k2be-67e2
13
vulnerability VCID-gtcn-kyd2-xqdk
14
vulnerability VCID-h5xc-cubs-5fgu
15
vulnerability VCID-k2kp-fv3q-vyh2
16
vulnerability VCID-kp8z-47q5-n7es
17
vulnerability VCID-mddr-7zar-6kfn
18
vulnerability VCID-n7m1-6qrq-auaf
19
vulnerability VCID-naf7-p1jf-z3ds
20
vulnerability VCID-nmh4-zpeh-4bcr
21
vulnerability VCID-nw3z-nwyg-87e5
22
vulnerability VCID-nw7y-2xct-8fa5
23
vulnerability VCID-pba8-g9ts-43bw
24
vulnerability VCID-qcbz-21vm-eqfd
25
vulnerability VCID-r14v-u2r3-rkhz
26
vulnerability VCID-rjbn-1a88-87cj
27
vulnerability VCID-th9f-gg4v-bbbe
28
vulnerability VCID-tt7m-c9zc-1kem
29
vulnerability VCID-u2yw-sybk-uug8
30
vulnerability VCID-uw5p-szmd-8qcm
31
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.1.0-6%252Bdeb8u4
1
url pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3
purl pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-naf7-p1jf-z3ds
15
vulnerability VCID-nmh4-zpeh-4bcr
16
vulnerability VCID-nw3z-nwyg-87e5
17
vulnerability VCID-nw7y-2xct-8fa5
18
vulnerability VCID-pba8-g9ts-43bw
19
vulnerability VCID-r14v-u2r3-rkhz
20
vulnerability VCID-rjbn-1a88-87cj
21
vulnerability VCID-th9f-gg4v-bbbe
22
vulnerability VCID-tt7m-c9zc-1kem
23
vulnerability VCID-u2yw-sybk-uug8
24
vulnerability VCID-uw5p-szmd-8qcm
25
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.0-2%252Bdeb9u3
aliases CVE-2016-4472
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h5xc-cubs-5fgu
17
url VCID-k2kp-fv3q-vyh2
vulnerability_id VCID-k2kp-fv3q-vyh2
summary libexpat: expat: DoS via XML_ResumeParser
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50602.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50602.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-50602
reference_id
reference_type
scores
0
value 0.00127
scoring_system epss
scoring_elements 0.31946
published_at 2026-04-13T12:55:00Z
1
value 0.00127
scoring_system epss
scoring_elements 0.32016
published_at 2026-04-09T12:55:00Z
2
value 0.00127
scoring_system epss
scoring_elements 0.32019
published_at 2026-04-11T12:55:00Z
3
value 0.00127
scoring_system epss
scoring_elements 0.3198
published_at 2026-04-12T12:55:00Z
4
value 0.00127
scoring_system epss
scoring_elements 0.32074
published_at 2026-04-02T12:55:00Z
5
value 0.00127
scoring_system epss
scoring_elements 0.32114
published_at 2026-04-04T12:55:00Z
6
value 0.00127
scoring_system epss
scoring_elements 0.31936
published_at 2026-04-07T12:55:00Z
7
value 0.00127
scoring_system epss
scoring_elements 0.31987
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-50602
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50602
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50602
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086134
reference_id 1086134
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086134
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2321987
reference_id 2321987
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2321987
6
reference_url https://github.com/libexpat/libexpat/pull/915
reference_id 915
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-30T18:00:51Z/
url https://github.com/libexpat/libexpat/pull/915
7
reference_url https://access.redhat.com/errata/RHSA-2024:11200
reference_id RHSA-2024:11200
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:11200
8
reference_url https://access.redhat.com/errata/RHSA-2024:9502
reference_id RHSA-2024:9502
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:9502
9
reference_url https://access.redhat.com/errata/RHSA-2024:9541
reference_id RHSA-2024:9541
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:9541
10
reference_url https://access.redhat.com/errata/RHSA-2025:3350
reference_id RHSA-2025:3350
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:3350
11
reference_url https://usn.ubuntu.com/7145-1/
reference_id USN-7145-1
reference_type
scores
url https://usn.ubuntu.com/7145-1/
fixed_packages
0
url pkg:deb/debian/expat@2.5.0-1%2Bdeb12u2
purl pkg:deb/debian/expat@2.5.0-1%2Bdeb12u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-77y6-jskt-qucb
1
vulnerability VCID-jqe4-44gw-wbhu
2
vulnerability VCID-nktd-7gph-kkb1
3
vulnerability VCID-qmx9-wkj4-67h3
4
vulnerability VCID-u5pr-wheu-h7c6
5
vulnerability VCID-utz3-ytaf-cbht
6
vulnerability VCID-v41j-xj8s-m7ar
7
vulnerability VCID-yw8s-ezc7-6ub8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.5.0-1%252Bdeb12u2
aliases CVE-2024-50602
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k2kp-fv3q-vyh2
18
url VCID-kp8z-47q5-n7es
vulnerability_id VCID-kp8z-47q5-n7es
summary Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22827.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22827.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-22827
reference_id
reference_type
scores
0
value 0.00279
scoring_system epss
scoring_elements 0.5128
published_at 2026-04-02T12:55:00Z
1
value 0.00279
scoring_system epss
scoring_elements 0.51305
published_at 2026-04-04T12:55:00Z
2
value 0.00279
scoring_system epss
scoring_elements 0.51264
published_at 2026-04-07T12:55:00Z
3
value 0.00279
scoring_system epss
scoring_elements 0.51319
published_at 2026-04-08T12:55:00Z
4
value 0.00279
scoring_system epss
scoring_elements 0.51316
published_at 2026-04-09T12:55:00Z
5
value 0.00279
scoring_system epss
scoring_elements 0.5136
published_at 2026-04-11T12:55:00Z
6
value 0.00279
scoring_system epss
scoring_elements 0.51339
published_at 2026-04-12T12:55:00Z
7
value 0.00279
scoring_system epss
scoring_elements 0.51325
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-22827
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003474
reference_id 1003474
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003474
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2044488
reference_id 2044488
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2044488
15
reference_url https://security.gentoo.org/glsa/202209-24
reference_id GLSA-202209-24
reference_type
scores
url https://security.gentoo.org/glsa/202209-24
16
reference_url https://access.redhat.com/errata/RHSA-2022:0951
reference_id RHSA-2022:0951
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0951
17
reference_url https://access.redhat.com/errata/RHSA-2022:1069
reference_id RHSA-2022:1069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1069
18
reference_url https://access.redhat.com/errata/RHSA-2022:7144
reference_id RHSA-2022:7144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7144
19
reference_url https://access.redhat.com/errata/RHSA-2022:7692
reference_id RHSA-2022:7692
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7692
20
reference_url https://access.redhat.com/errata/RHSA-2025:22785
reference_id RHSA-2025:22785
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22785
21
reference_url https://access.redhat.com/errata/RHSA-2025:22871
reference_id RHSA-2025:22871
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22871
22
reference_url https://usn.ubuntu.com/5288-1/
reference_id USN-5288-1
reference_type
scores
url https://usn.ubuntu.com/5288-1/
23
reference_url https://usn.ubuntu.com/7199-1/
reference_id USN-7199-1
reference_type
scores
url https://usn.ubuntu.com/7199-1/
24
reference_url https://usn.ubuntu.com/USN-5455-1/
reference_id USN-USN-5455-1
reference_type
scores
url https://usn.ubuntu.com/USN-5455-1/
fixed_packages
0
url pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
purl pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-nmh4-zpeh-4bcr
15
vulnerability VCID-nw3z-nwyg-87e5
16
vulnerability VCID-nw7y-2xct-8fa5
17
vulnerability VCID-pba8-g9ts-43bw
18
vulnerability VCID-rjbn-1a88-87cj
19
vulnerability VCID-th9f-gg4v-bbbe
20
vulnerability VCID-tt7m-c9zc-1kem
21
vulnerability VCID-u2yw-sybk-uug8
22
vulnerability VCID-uw5p-szmd-8qcm
23
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.6-2%252Bdeb10u4
1
url pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
purl pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fms-7y9v-dfc5
1
vulnerability VCID-77y6-jskt-qucb
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-d26t-ex9d-x3ev
4
vulnerability VCID-gtcn-kyd2-xqdk
5
vulnerability VCID-jqe4-44gw-wbhu
6
vulnerability VCID-k2kp-fv3q-vyh2
7
vulnerability VCID-nguf-68jf-ryaz
8
vulnerability VCID-nktd-7gph-kkb1
9
vulnerability VCID-nw3z-nwyg-87e5
10
vulnerability VCID-qmx9-wkj4-67h3
11
vulnerability VCID-u5pr-wheu-h7c6
12
vulnerability VCID-utz3-ytaf-cbht
13
vulnerability VCID-v41j-xj8s-m7ar
14
vulnerability VCID-yw8s-ezc7-6ub8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.10-2%252Bdeb11u5
aliases CVE-2022-22827
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kp8z-47q5-n7es
19
url VCID-mddr-7zar-6kfn
vulnerability_id VCID-mddr-7zar-6kfn
summary Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25236.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25236.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-25236
reference_id
reference_type
scores
0
value 0.07383
scoring_system epss
scoring_elements 0.91728
published_at 2026-04-09T12:55:00Z
1
value 0.07383
scoring_system epss
scoring_elements 0.91729
published_at 2026-04-13T12:55:00Z
2
value 0.07383
scoring_system epss
scoring_elements 0.91733
published_at 2026-04-12T12:55:00Z
3
value 0.07383
scoring_system epss
scoring_elements 0.91731
published_at 2026-04-11T12:55:00Z
4
value 0.07383
scoring_system epss
scoring_elements 0.91721
published_at 2026-04-08T12:55:00Z
5
value 0.07383
scoring_system epss
scoring_elements 0.91708
published_at 2026-04-07T12:55:00Z
6
value 0.09358
scoring_system epss
scoring_elements 0.92751
published_at 2026-04-02T12:55:00Z
7
value 0.09358
scoring_system epss
scoring_elements 0.92757
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-25236
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url http://www.openwall.com/lists/oss-security/2022/02/19/1
reference_id 1
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:40Z/
url http://www.openwall.com/lists/oss-security/2022/02/19/1
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005895
reference_id 1005895
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005895
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2056370
reference_id 2056370
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2056370
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
reference_id 3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:40Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
12
reference_url https://github.com/libexpat/libexpat/pull/561
reference_id 561
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:40Z/
url https://github.com/libexpat/libexpat/pull/561
13
reference_url https://www.debian.org/security/2022/dsa-5085
reference_id dsa-5085
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:40Z/
url https://www.debian.org/security/2022/dsa-5085
14
reference_url https://security.gentoo.org/glsa/202209-24
reference_id GLSA-202209-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:40Z/
url https://security.gentoo.org/glsa/202209-24
15
reference_url https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
reference_id msg00007.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:40Z/
url https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
16
reference_url https://security.netapp.com/advisory/ntap-20220303-0008/
reference_id ntap-20220303-0008
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:40Z/
url https://security.netapp.com/advisory/ntap-20220303-0008/
17
reference_url https://access.redhat.com/errata/RHSA-2022:0815
reference_id RHSA-2022:0815
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0815
18
reference_url https://access.redhat.com/errata/RHSA-2022:0816
reference_id RHSA-2022:0816
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0816
19
reference_url https://access.redhat.com/errata/RHSA-2022:0817
reference_id RHSA-2022:0817
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0817
20
reference_url https://access.redhat.com/errata/RHSA-2022:0818
reference_id RHSA-2022:0818
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0818
21
reference_url https://access.redhat.com/errata/RHSA-2022:0824
reference_id RHSA-2022:0824
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0824
22
reference_url https://access.redhat.com/errata/RHSA-2022:0843
reference_id RHSA-2022:0843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0843
23
reference_url https://access.redhat.com/errata/RHSA-2022:0845
reference_id RHSA-2022:0845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0845
24
reference_url https://access.redhat.com/errata/RHSA-2022:0847
reference_id RHSA-2022:0847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0847
25
reference_url https://access.redhat.com/errata/RHSA-2022:0850
reference_id RHSA-2022:0850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0850
26
reference_url https://access.redhat.com/errata/RHSA-2022:0853
reference_id RHSA-2022:0853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0853
27
reference_url https://access.redhat.com/errata/RHSA-2022:0951
reference_id RHSA-2022:0951
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0951
28
reference_url https://access.redhat.com/errata/RHSA-2022:1012
reference_id RHSA-2022:1012
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1012
29
reference_url https://access.redhat.com/errata/RHSA-2022:1053
reference_id RHSA-2022:1053
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1053
30
reference_url https://access.redhat.com/errata/RHSA-2022:1068
reference_id RHSA-2022:1068
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1068
31
reference_url https://access.redhat.com/errata/RHSA-2022:1069
reference_id RHSA-2022:1069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1069
32
reference_url https://access.redhat.com/errata/RHSA-2022:1070
reference_id RHSA-2022:1070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1070
33
reference_url https://access.redhat.com/errata/RHSA-2022:1263
reference_id RHSA-2022:1263
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1263
34
reference_url https://access.redhat.com/errata/RHSA-2022:1309
reference_id RHSA-2022:1309
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1309
35
reference_url https://access.redhat.com/errata/RHSA-2022:7144
reference_id RHSA-2022:7144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7144
36
reference_url https://access.redhat.com/errata/RHSA-2022:7811
reference_id RHSA-2022:7811
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7811
37
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
reference_id ssa-484086.pdf
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:40Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
38
reference_url https://usn.ubuntu.com/5288-1/
reference_id USN-5288-1
reference_type
scores
url https://usn.ubuntu.com/5288-1/
39
reference_url https://usn.ubuntu.com/USN-5455-1/
reference_id USN-USN-5455-1
reference_type
scores
url https://usn.ubuntu.com/USN-5455-1/
40
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
reference_id Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:40Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
41
reference_url http://packetstormsecurity.com/files/167238/Zoom-XMPP-Stanza-Smuggling-Remote-Code-Execution.html
reference_id Zoom-XMPP-Stanza-Smuggling-Remote-Code-Execution.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:40Z/
url http://packetstormsecurity.com/files/167238/Zoom-XMPP-Stanza-Smuggling-Remote-Code-Execution.html
fixed_packages
0
url pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
purl pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-nmh4-zpeh-4bcr
15
vulnerability VCID-nw3z-nwyg-87e5
16
vulnerability VCID-nw7y-2xct-8fa5
17
vulnerability VCID-pba8-g9ts-43bw
18
vulnerability VCID-rjbn-1a88-87cj
19
vulnerability VCID-th9f-gg4v-bbbe
20
vulnerability VCID-tt7m-c9zc-1kem
21
vulnerability VCID-u2yw-sybk-uug8
22
vulnerability VCID-uw5p-szmd-8qcm
23
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.6-2%252Bdeb10u4
1
url pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
purl pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fms-7y9v-dfc5
1
vulnerability VCID-77y6-jskt-qucb
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-d26t-ex9d-x3ev
4
vulnerability VCID-gtcn-kyd2-xqdk
5
vulnerability VCID-jqe4-44gw-wbhu
6
vulnerability VCID-k2kp-fv3q-vyh2
7
vulnerability VCID-nguf-68jf-ryaz
8
vulnerability VCID-nktd-7gph-kkb1
9
vulnerability VCID-nw3z-nwyg-87e5
10
vulnerability VCID-qmx9-wkj4-67h3
11
vulnerability VCID-u5pr-wheu-h7c6
12
vulnerability VCID-utz3-ytaf-cbht
13
vulnerability VCID-v41j-xj8s-m7ar
14
vulnerability VCID-yw8s-ezc7-6ub8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.10-2%252Bdeb11u5
aliases CVE-2022-25236
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mddr-7zar-6kfn
20
url VCID-n7m1-6qrq-auaf
vulnerability_id VCID-n7m1-6qrq-auaf
summary regression update
references
fixed_packages
0
url pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
purl pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-nmh4-zpeh-4bcr
15
vulnerability VCID-nw3z-nwyg-87e5
16
vulnerability VCID-nw7y-2xct-8fa5
17
vulnerability VCID-pba8-g9ts-43bw
18
vulnerability VCID-rjbn-1a88-87cj
19
vulnerability VCID-th9f-gg4v-bbbe
20
vulnerability VCID-tt7m-c9zc-1kem
21
vulnerability VCID-u2yw-sybk-uug8
22
vulnerability VCID-uw5p-szmd-8qcm
23
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.6-2%252Bdeb10u4
1
url pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
purl pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fms-7y9v-dfc5
1
vulnerability VCID-77y6-jskt-qucb
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-d26t-ex9d-x3ev
4
vulnerability VCID-gtcn-kyd2-xqdk
5
vulnerability VCID-jqe4-44gw-wbhu
6
vulnerability VCID-k2kp-fv3q-vyh2
7
vulnerability VCID-nguf-68jf-ryaz
8
vulnerability VCID-nktd-7gph-kkb1
9
vulnerability VCID-nw3z-nwyg-87e5
10
vulnerability VCID-qmx9-wkj4-67h3
11
vulnerability VCID-u5pr-wheu-h7c6
12
vulnerability VCID-utz3-ytaf-cbht
13
vulnerability VCID-v41j-xj8s-m7ar
14
vulnerability VCID-yw8s-ezc7-6ub8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.10-2%252Bdeb11u5
aliases DSA-5085-2 expat
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n7m1-6qrq-auaf
21
url VCID-naf7-p1jf-z3ds
vulnerability_id VCID-naf7-p1jf-z3ds
summary 
Improper Restriction of XML External Entity Reference
`libexpat` in Expat, XML input including XML names that contain many colons could make the XML parser consume a high amount of RAM and CPU resources while processing, leading to a possible denial-of-service attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20843.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20843.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-20843
reference_id
reference_type
scores
0
value 0.05584
scoring_system epss
scoring_elements 0.90309
published_at 2026-04-11T12:55:00Z
1
value 0.05584
scoring_system epss
scoring_elements 0.90308
published_at 2026-04-12T12:55:00Z
2
value 0.05584
scoring_system epss
scoring_elements 0.90301
published_at 2026-04-09T12:55:00Z
3
value 0.05584
scoring_system epss
scoring_elements 0.90302
published_at 2026-04-13T12:55:00Z
4
value 0.05686
scoring_system epss
scoring_elements 0.90359
published_at 2026-04-01T12:55:00Z
5
value 0.05686
scoring_system epss
scoring_elements 0.90392
published_at 2026-04-08T12:55:00Z
6
value 0.05686
scoring_system epss
scoring_elements 0.90378
published_at 2026-04-07T12:55:00Z
7
value 0.05686
scoring_system epss
scoring_elements 0.90374
published_at 2026-04-04T12:55:00Z
8
value 0.05686
scoring_system epss
scoring_elements 0.90361
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-20843
2
reference_url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5226
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5226
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20843
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20843
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/libexpat/libexpat/issues/186
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://github.com/libexpat/libexpat/issues/186
6
reference_url https://github.com/libexpat/libexpat/pull/262/commits/11f8838bf99ea0a6f0b76f9760c43704d00c4ff6
reference_id 11f8838bf99ea0a6f0b76f9760c43704d00c4ff6
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://github.com/libexpat/libexpat/pull/262/commits/11f8838bf99ea0a6f0b76f9760c43704d00c4ff6
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1723723
reference_id 1723723
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1723723
8
reference_url https://github.com/libexpat/libexpat/pull/262
reference_id 262
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://github.com/libexpat/libexpat/pull/262
9
reference_url https://seclists.org/bugtraq/2019/Jun/39
reference_id 39
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://seclists.org/bugtraq/2019/Jun/39
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931031
reference_id 931031
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931031
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CEJJSQSG3KSUQY4FPVHZ7ZTT7FORMFVD/
reference_id CEJJSQSG3KSUQY4FPVHZ7ZTT7FORMFVD
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CEJJSQSG3KSUQY4FPVHZ7ZTT7FORMFVD/
12
reference_url https://github.com/libexpat/libexpat/blob/R_2_2_7/expat/Changes
reference_id Changes
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://github.com/libexpat/libexpat/blob/R_2_2_7/expat/Changes
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-20843
reference_id CVE-2018-20843
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2018-20843
14
reference_url https://www.debian.org/security/2019/dsa-4472
reference_id dsa-4472
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://www.debian.org/security/2019/dsa-4472
15
reference_url https://security.gentoo.org/glsa/201911-08
reference_id GLSA-201911-08
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://security.gentoo.org/glsa/201911-08
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IDAUGEB3TUP6NEKJDBUBZX7N5OAUOOOK/
reference_id IDAUGEB3TUP6NEKJDBUBZX7N5OAUOOOK
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IDAUGEB3TUP6NEKJDBUBZX7N5OAUOOOK/
17
reference_url https://support.f5.com/csp/article/K51011533
reference_id K51011533
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://support.f5.com/csp/article/K51011533
18
reference_url https://lists.debian.org/debian-lts-announce/2019/06/msg00028.html
reference_id msg00028.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://lists.debian.org/debian-lts-announce/2019/06/msg00028.html
19
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00039.html
reference_id msg00039.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00039.html
20
reference_url https://security.netapp.com/advisory/ntap-20190703-0001/
reference_id ntap-20190703-0001
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://security.netapp.com/advisory/ntap-20190703-0001/
21
reference_url https://access.redhat.com/errata/RHSA-2020:2644
reference_id RHSA-2020:2644
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2644
22
reference_url https://access.redhat.com/errata/RHSA-2020:2646
reference_id RHSA-2020:2646
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2646
23
reference_url https://access.redhat.com/errata/RHSA-2020:3952
reference_id RHSA-2020:3952
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3952
24
reference_url https://access.redhat.com/errata/RHSA-2020:4484
reference_id RHSA-2020:4484
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4484
25
reference_url https://access.redhat.com/errata/RHSA-2020:4846
reference_id RHSA-2020:4846
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4846
26
reference_url https://access.redhat.com/errata/RHSA-2021:0949
reference_id RHSA-2021:0949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0949
27
reference_url https://access.redhat.com/errata/RHSA-2025:22871
reference_id RHSA-2025:22871
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22871
28
reference_url https://usn.ubuntu.com/4040-1/
reference_id USN-4040-1
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://usn.ubuntu.com/4040-1/
29
reference_url https://usn.ubuntu.com/4040-2/
reference_id USN-4040-2
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:37:31Z/
url https://usn.ubuntu.com/4040-2/
30
reference_url https://usn.ubuntu.com/7199-1/
reference_id USN-7199-1
reference_type
scores
url https://usn.ubuntu.com/7199-1/
31
reference_url https://usn.ubuntu.com/USN-4852-1/
reference_id USN-USN-4852-1
reference_type
scores
url https://usn.ubuntu.com/USN-4852-1/
32
reference_url https://usn.ubuntu.com/USN-5455-1/
reference_id USN-USN-5455-1
reference_type
scores
url https://usn.ubuntu.com/USN-5455-1/
fixed_packages
0
url pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3
purl pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-naf7-p1jf-z3ds
15
vulnerability VCID-nmh4-zpeh-4bcr
16
vulnerability VCID-nw3z-nwyg-87e5
17
vulnerability VCID-nw7y-2xct-8fa5
18
vulnerability VCID-pba8-g9ts-43bw
19
vulnerability VCID-r14v-u2r3-rkhz
20
vulnerability VCID-rjbn-1a88-87cj
21
vulnerability VCID-th9f-gg4v-bbbe
22
vulnerability VCID-tt7m-c9zc-1kem
23
vulnerability VCID-u2yw-sybk-uug8
24
vulnerability VCID-uw5p-szmd-8qcm
25
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.0-2%252Bdeb9u3
1
url pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
purl pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-nmh4-zpeh-4bcr
15
vulnerability VCID-nw3z-nwyg-87e5
16
vulnerability VCID-nw7y-2xct-8fa5
17
vulnerability VCID-pba8-g9ts-43bw
18
vulnerability VCID-rjbn-1a88-87cj
19
vulnerability VCID-th9f-gg4v-bbbe
20
vulnerability VCID-tt7m-c9zc-1kem
21
vulnerability VCID-u2yw-sybk-uug8
22
vulnerability VCID-uw5p-szmd-8qcm
23
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.6-2%252Bdeb10u4
aliases CVE-2018-20843
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-naf7-p1jf-z3ds
22
url VCID-nmh4-zpeh-4bcr
vulnerability_id VCID-nmh4-zpeh-4bcr
summary 
Multiple vulnerabilities have been found in Expat, the worst of
    which could result in a Denial of Service condition.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html
5
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html
6
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html
7
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html
8
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html
9
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html
10
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html
11
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
12
reference_url http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html
13
reference_url http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html
14
reference_url http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html
15
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15903.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15903.json
16
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-15903
reference_id
reference_type
scores
0
value 0.00198
scoring_system epss
scoring_elements 0.41852
published_at 2026-04-13T12:55:00Z
1
value 0.00198
scoring_system epss
scoring_elements 0.41865
published_at 2026-04-12T12:55:00Z
2
value 0.00198
scoring_system epss
scoring_elements 0.41858
published_at 2026-04-02T12:55:00Z
3
value 0.00198
scoring_system epss
scoring_elements 0.419
published_at 2026-04-11T12:55:00Z
4
value 0.00198
scoring_system epss
scoring_elements 0.41888
published_at 2026-04-04T12:55:00Z
5
value 0.00198
scoring_system epss
scoring_elements 0.41876
published_at 2026-04-09T12:55:00Z
6
value 0.00198
scoring_system epss
scoring_elements 0.41866
published_at 2026-04-08T12:55:00Z
7
value 0.00198
scoring_system epss
scoring_elements 0.41793
published_at 2026-04-01T12:55:00Z
8
value 0.00198
scoring_system epss
scoring_elements 0.41816
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-15903
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11755
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
26
reference_url http://seclists.org/fulldisclosure/2019/Dec/23
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://seclists.org/fulldisclosure/2019/Dec/23
27
reference_url http://seclists.org/fulldisclosure/2019/Dec/26
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://seclists.org/fulldisclosure/2019/Dec/26
28
reference_url http://seclists.org/fulldisclosure/2019/Dec/27
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://seclists.org/fulldisclosure/2019/Dec/27
29
reference_url http://seclists.org/fulldisclosure/2019/Dec/30
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url http://seclists.org/fulldisclosure/2019/Dec/30
30
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
31
reference_url https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43
32
reference_url https://github.com/libexpat/libexpat/issues/317
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://github.com/libexpat/libexpat/issues/317
33
reference_url https://github.com/libexpat/libexpat/issues/342
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://github.com/libexpat/libexpat/issues/342
34
reference_url https://github.com/libexpat/libexpat/pull/318
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://github.com/libexpat/libexpat/pull/318
35
reference_url https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://lists.debian.org/debian-lts-announce/2019/11/msg00006.html
36
reference_url https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://lists.debian.org/debian-lts-announce/2019/11/msg00017.html
37
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/
38
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/
39
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/
40
reference_url https://seclists.org/bugtraq/2019/Dec/17
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://seclists.org/bugtraq/2019/Dec/17
41
reference_url https://seclists.org/bugtraq/2019/Dec/21
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://seclists.org/bugtraq/2019/Dec/21
42
reference_url https://seclists.org/bugtraq/2019/Dec/23
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://seclists.org/bugtraq/2019/Dec/23
43
reference_url https://seclists.org/bugtraq/2019/Nov/1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://seclists.org/bugtraq/2019/Nov/1
44
reference_url https://seclists.org/bugtraq/2019/Nov/24
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://seclists.org/bugtraq/2019/Nov/24
45
reference_url https://seclists.org/bugtraq/2019/Oct/29
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://seclists.org/bugtraq/2019/Oct/29
46
reference_url https://seclists.org/bugtraq/2019/Sep/30
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://seclists.org/bugtraq/2019/Sep/30
47
reference_url https://seclists.org/bugtraq/2019/Sep/37
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://seclists.org/bugtraq/2019/Sep/37
48
reference_url https://security.netapp.com/advisory/ntap-20190926-0004/
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://security.netapp.com/advisory/ntap-20190926-0004/
49
reference_url https://support.apple.com/kb/HT210785
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://support.apple.com/kb/HT210785
50
reference_url https://support.apple.com/kb/HT210788
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://support.apple.com/kb/HT210788
51
reference_url https://support.apple.com/kb/HT210789
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://support.apple.com/kb/HT210789
52
reference_url https://support.apple.com/kb/HT210790
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://support.apple.com/kb/HT210790
53
reference_url https://support.apple.com/kb/HT210793
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://support.apple.com/kb/HT210793
54
reference_url https://support.apple.com/kb/HT210794
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://support.apple.com/kb/HT210794
55
reference_url https://support.apple.com/kb/HT210795
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://support.apple.com/kb/HT210795
56
reference_url https://www.debian.org/security/2019/dsa-4530
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://www.debian.org/security/2019/dsa-4530
57
reference_url https://www.debian.org/security/2019/dsa-4549
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://www.debian.org/security/2019/dsa-4549
58
reference_url https://www.debian.org/security/2019/dsa-4571
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://www.debian.org/security/2019/dsa-4571
59
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
60
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://www.oracle.com/security-alerts/cpuoct2020.html
61
reference_url https://www.tenable.com/security/tns-2021-11
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://www.tenable.com/security/tns-2021-11
62
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1752592
reference_id 1752592
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1752592
63
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939394
reference_id 939394
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939394
64
reference_url https://security.archlinux.org/ASA-201910-15
reference_id ASA-201910-15
reference_type
scores
url https://security.archlinux.org/ASA-201910-15
65
reference_url https://security.archlinux.org/ASA-201910-16
reference_id ASA-201910-16
reference_type
scores
url https://security.archlinux.org/ASA-201910-16
66
reference_url https://security.archlinux.org/ASA-201910-17
reference_id ASA-201910-17
reference_type
scores
url https://security.archlinux.org/ASA-201910-17
67
reference_url https://security.archlinux.org/AVG-1053
reference_id AVG-1053
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1053
68
reference_url https://security.archlinux.org/AVG-1054
reference_id AVG-1054
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1054
69
reference_url https://security.archlinux.org/AVG-1055
reference_id AVG-1055
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1055
70
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*
71
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*
72
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-15903
reference_id CVE-2019-15903
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2019-15903
73
reference_url https://security.gentoo.org/glsa/201911-08
reference_id GLSA-201911-08
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://security.gentoo.org/glsa/201911-08
74
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-33
reference_id mfsa2019-33
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-33
75
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-34
reference_id mfsa2019-34
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-34
76
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2019-35
reference_id mfsa2019-35
reference_type
scores
0
value critical
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2019-35
77
reference_url https://access.redhat.com/errata/RHSA-2019:3193
reference_id RHSA-2019:3193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3193
78
reference_url https://access.redhat.com/errata/RHSA-2019:3196
reference_id RHSA-2019:3196
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:3196
79
reference_url https://access.redhat.com/errata/RHSA-2019:3210
reference_id RHSA-2019:3210
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://access.redhat.com/errata/RHSA-2019:3210
80
reference_url https://access.redhat.com/errata/RHSA-2019:3237
reference_id RHSA-2019:3237
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://access.redhat.com/errata/RHSA-2019:3237
81
reference_url https://access.redhat.com/errata/RHSA-2019:3756
reference_id RHSA-2019:3756
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://access.redhat.com/errata/RHSA-2019:3756
82
reference_url https://access.redhat.com/errata/RHSA-2020:2644
reference_id RHSA-2020:2644
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2644
83
reference_url https://access.redhat.com/errata/RHSA-2020:2646
reference_id RHSA-2020:2646
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2646
84
reference_url https://access.redhat.com/errata/RHSA-2020:3952
reference_id RHSA-2020:3952
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3952
85
reference_url https://access.redhat.com/errata/RHSA-2020:4484
reference_id RHSA-2020:4484
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4484
86
reference_url https://access.redhat.com/errata/RHSA-2021:0949
reference_id RHSA-2021:0949
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0949
87
reference_url https://access.redhat.com/errata/RHSA-2025:22871
reference_id RHSA-2025:22871
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22871
88
reference_url https://usn.ubuntu.com/4132-1/
reference_id USN-4132-1
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://usn.ubuntu.com/4132-1/
89
reference_url https://usn.ubuntu.com/4132-2/
reference_id USN-4132-2
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://usn.ubuntu.com/4132-2/
90
reference_url https://usn.ubuntu.com/4165-1/
reference_id USN-4165-1
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://usn.ubuntu.com/4165-1/
91
reference_url https://usn.ubuntu.com/4202-1/
reference_id USN-4202-1
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://usn.ubuntu.com/4202-1/
92
reference_url https://usn.ubuntu.com/4335-1/
reference_id USN-4335-1
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:27:14Z/
url https://usn.ubuntu.com/4335-1/
93
reference_url https://usn.ubuntu.com/7199-1/
reference_id USN-7199-1
reference_type
scores
url https://usn.ubuntu.com/7199-1/
94
reference_url https://usn.ubuntu.com/USN-4852-1/
reference_id USN-USN-4852-1
reference_type
scores
url https://usn.ubuntu.com/USN-4852-1/
95
reference_url https://usn.ubuntu.com/USN-5455-1/
reference_id USN-USN-5455-1
reference_type
scores
url https://usn.ubuntu.com/USN-5455-1/
fixed_packages
0
url pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3
purl pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-naf7-p1jf-z3ds
15
vulnerability VCID-nmh4-zpeh-4bcr
16
vulnerability VCID-nw3z-nwyg-87e5
17
vulnerability VCID-nw7y-2xct-8fa5
18
vulnerability VCID-pba8-g9ts-43bw
19
vulnerability VCID-r14v-u2r3-rkhz
20
vulnerability VCID-rjbn-1a88-87cj
21
vulnerability VCID-th9f-gg4v-bbbe
22
vulnerability VCID-tt7m-c9zc-1kem
23
vulnerability VCID-u2yw-sybk-uug8
24
vulnerability VCID-uw5p-szmd-8qcm
25
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.0-2%252Bdeb9u3
1
url pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
purl pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-nmh4-zpeh-4bcr
15
vulnerability VCID-nw3z-nwyg-87e5
16
vulnerability VCID-nw7y-2xct-8fa5
17
vulnerability VCID-pba8-g9ts-43bw
18
vulnerability VCID-rjbn-1a88-87cj
19
vulnerability VCID-th9f-gg4v-bbbe
20
vulnerability VCID-tt7m-c9zc-1kem
21
vulnerability VCID-u2yw-sybk-uug8
22
vulnerability VCID-uw5p-szmd-8qcm
23
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.6-2%252Bdeb10u4
2
url pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
purl pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fms-7y9v-dfc5
1
vulnerability VCID-77y6-jskt-qucb
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-d26t-ex9d-x3ev
4
vulnerability VCID-gtcn-kyd2-xqdk
5
vulnerability VCID-jqe4-44gw-wbhu
6
vulnerability VCID-k2kp-fv3q-vyh2
7
vulnerability VCID-nguf-68jf-ryaz
8
vulnerability VCID-nktd-7gph-kkb1
9
vulnerability VCID-nw3z-nwyg-87e5
10
vulnerability VCID-qmx9-wkj4-67h3
11
vulnerability VCID-u5pr-wheu-h7c6
12
vulnerability VCID-utz3-ytaf-cbht
13
vulnerability VCID-v41j-xj8s-m7ar
14
vulnerability VCID-yw8s-ezc7-6ub8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.10-2%252Bdeb11u5
aliases CVE-2019-15903
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nmh4-zpeh-4bcr
23
url VCID-nw3z-nwyg-87e5
vulnerability_id VCID-nw3z-nwyg-87e5
summary Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45492.json
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-45492.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-45492
reference_id
reference_type
scores
0
value 0.01195
scoring_system epss
scoring_elements 0.78874
published_at 2026-04-13T12:55:00Z
1
value 0.01195
scoring_system epss
scoring_elements 0.78845
published_at 2026-04-07T12:55:00Z
2
value 0.01195
scoring_system epss
scoring_elements 0.7887
published_at 2026-04-08T12:55:00Z
3
value 0.01195
scoring_system epss
scoring_elements 0.78876
published_at 2026-04-09T12:55:00Z
4
value 0.01195
scoring_system epss
scoring_elements 0.789
published_at 2026-04-11T12:55:00Z
5
value 0.01195
scoring_system epss
scoring_elements 0.78883
published_at 2026-04-12T12:55:00Z
6
value 0.01195
scoring_system epss
scoring_elements 0.78833
published_at 2026-04-02T12:55:00Z
7
value 0.01195
scoring_system epss
scoring_elements 0.78862
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-45492
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45492
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45492
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1080152
reference_id 1080152
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1080152
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2308617
reference_id 2308617
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2308617
6
reference_url https://github.com/libexpat/libexpat/issues/889
reference_id 889
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-30T13:53:05Z/
url https://github.com/libexpat/libexpat/issues/889
7
reference_url https://github.com/libexpat/libexpat/pull/892
reference_id 892
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-30T13:53:05Z/
url https://github.com/libexpat/libexpat/pull/892
8
reference_url https://security.gentoo.org/glsa/202501-09
reference_id GLSA-202501-09
reference_type
scores
url https://security.gentoo.org/glsa/202501-09
9
reference_url https://access.redhat.com/errata/RHSA-2024:10135
reference_id RHSA-2024:10135
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:10135
10
reference_url https://access.redhat.com/errata/RHSA-2024:11109
reference_id RHSA-2024:11109
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:11109
11
reference_url https://access.redhat.com/errata/RHSA-2024:6754
reference_id RHSA-2024:6754
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6754
12
reference_url https://access.redhat.com/errata/RHSA-2024:6989
reference_id RHSA-2024:6989
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6989
13
reference_url https://access.redhat.com/errata/RHSA-2024:7213
reference_id RHSA-2024:7213
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7213
14
reference_url https://access.redhat.com/errata/RHSA-2024:7599
reference_id RHSA-2024:7599
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7599
15
reference_url https://access.redhat.com/errata/RHSA-2024:9610
reference_id RHSA-2024:9610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:9610
16
reference_url https://usn.ubuntu.com/7000-1/
reference_id USN-7000-1
reference_type
scores
url https://usn.ubuntu.com/7000-1/
17
reference_url https://usn.ubuntu.com/7000-2/
reference_id USN-7000-2
reference_type
scores
url https://usn.ubuntu.com/7000-2/
fixed_packages
0
url pkg:deb/debian/expat@2.5.0-1%2Bdeb12u2
purl pkg:deb/debian/expat@2.5.0-1%2Bdeb12u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-77y6-jskt-qucb
1
vulnerability VCID-jqe4-44gw-wbhu
2
vulnerability VCID-nktd-7gph-kkb1
3
vulnerability VCID-qmx9-wkj4-67h3
4
vulnerability VCID-u5pr-wheu-h7c6
5
vulnerability VCID-utz3-ytaf-cbht
6
vulnerability VCID-v41j-xj8s-m7ar
7
vulnerability VCID-yw8s-ezc7-6ub8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.5.0-1%252Bdeb12u2
aliases CVE-2024-45492
risk_score 3.3
exploitability 0.5
weighted_severity 6.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nw3z-nwyg-87e5
24
url VCID-nw7y-2xct-8fa5
vulnerability_id VCID-nw7y-2xct-8fa5
summary Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25235.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25235.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-25235
reference_id
reference_type
scores
0
value 0.13322
scoring_system epss
scoring_elements 0.94153
published_at 2026-04-04T12:55:00Z
1
value 0.13322
scoring_system epss
scoring_elements 0.9417
published_at 2026-04-09T12:55:00Z
2
value 0.13322
scoring_system epss
scoring_elements 0.94156
published_at 2026-04-07T12:55:00Z
3
value 0.13322
scoring_system epss
scoring_elements 0.94166
published_at 2026-04-08T12:55:00Z
4
value 0.13322
scoring_system epss
scoring_elements 0.94175
published_at 2026-04-13T12:55:00Z
5
value 0.13322
scoring_system epss
scoring_elements 0.94142
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-25235
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url http://www.openwall.com/lists/oss-security/2022/02/19/1
reference_id 1
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:39Z/
url http://www.openwall.com/lists/oss-security/2022/02/19/1
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005894
reference_id 1005894
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005894
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2056366
reference_id 2056366
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2056366
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
reference_id 3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:39Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
12
reference_url https://github.com/libexpat/libexpat/pull/562
reference_id 562
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:39Z/
url https://github.com/libexpat/libexpat/pull/562
13
reference_url https://www.debian.org/security/2022/dsa-5085
reference_id dsa-5085
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:39Z/
url https://www.debian.org/security/2022/dsa-5085
14
reference_url https://security.gentoo.org/glsa/202209-24
reference_id GLSA-202209-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:39Z/
url https://security.gentoo.org/glsa/202209-24
15
reference_url https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
reference_id msg00007.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:39Z/
url https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html
16
reference_url https://security.netapp.com/advisory/ntap-20220303-0008/
reference_id ntap-20220303-0008
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:39Z/
url https://security.netapp.com/advisory/ntap-20220303-0008/
17
reference_url https://access.redhat.com/errata/RHSA-2022:0815
reference_id RHSA-2022:0815
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0815
18
reference_url https://access.redhat.com/errata/RHSA-2022:0816
reference_id RHSA-2022:0816
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0816
19
reference_url https://access.redhat.com/errata/RHSA-2022:0817
reference_id RHSA-2022:0817
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0817
20
reference_url https://access.redhat.com/errata/RHSA-2022:0818
reference_id RHSA-2022:0818
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0818
21
reference_url https://access.redhat.com/errata/RHSA-2022:0824
reference_id RHSA-2022:0824
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0824
22
reference_url https://access.redhat.com/errata/RHSA-2022:0843
reference_id RHSA-2022:0843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0843
23
reference_url https://access.redhat.com/errata/RHSA-2022:0845
reference_id RHSA-2022:0845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0845
24
reference_url https://access.redhat.com/errata/RHSA-2022:0847
reference_id RHSA-2022:0847
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0847
25
reference_url https://access.redhat.com/errata/RHSA-2022:0850
reference_id RHSA-2022:0850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0850
26
reference_url https://access.redhat.com/errata/RHSA-2022:0853
reference_id RHSA-2022:0853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0853
27
reference_url https://access.redhat.com/errata/RHSA-2022:0951
reference_id RHSA-2022:0951
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0951
28
reference_url https://access.redhat.com/errata/RHSA-2022:1012
reference_id RHSA-2022:1012
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1012
29
reference_url https://access.redhat.com/errata/RHSA-2022:1053
reference_id RHSA-2022:1053
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1053
30
reference_url https://access.redhat.com/errata/RHSA-2022:1068
reference_id RHSA-2022:1068
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1068
31
reference_url https://access.redhat.com/errata/RHSA-2022:1069
reference_id RHSA-2022:1069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1069
32
reference_url https://access.redhat.com/errata/RHSA-2022:1070
reference_id RHSA-2022:1070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1070
33
reference_url https://access.redhat.com/errata/RHSA-2022:1263
reference_id RHSA-2022:1263
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1263
34
reference_url https://access.redhat.com/errata/RHSA-2022:1309
reference_id RHSA-2022:1309
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1309
35
reference_url https://access.redhat.com/errata/RHSA-2022:1539
reference_id RHSA-2022:1539
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1539
36
reference_url https://access.redhat.com/errata/RHSA-2022:1540
reference_id RHSA-2022:1540
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1540
37
reference_url https://access.redhat.com/errata/RHSA-2022:1643
reference_id RHSA-2022:1643
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1643
38
reference_url https://access.redhat.com/errata/RHSA-2022:1644
reference_id RHSA-2022:1644
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1644
39
reference_url https://access.redhat.com/errata/RHSA-2022:7144
reference_id RHSA-2022:7144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7144
40
reference_url https://access.redhat.com/errata/RHSA-2022:7811
reference_id RHSA-2022:7811
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7811
41
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
reference_id ssa-484086.pdf
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:39Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
42
reference_url https://usn.ubuntu.com/5288-1/
reference_id USN-5288-1
reference_type
scores
url https://usn.ubuntu.com/5288-1/
43
reference_url https://usn.ubuntu.com/USN-5455-1/
reference_id USN-USN-5455-1
reference_type
scores
url https://usn.ubuntu.com/USN-5455-1/
44
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
reference_id Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:39Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
fixed_packages
0
url pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
purl pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-nmh4-zpeh-4bcr
15
vulnerability VCID-nw3z-nwyg-87e5
16
vulnerability VCID-nw7y-2xct-8fa5
17
vulnerability VCID-pba8-g9ts-43bw
18
vulnerability VCID-rjbn-1a88-87cj
19
vulnerability VCID-th9f-gg4v-bbbe
20
vulnerability VCID-tt7m-c9zc-1kem
21
vulnerability VCID-u2yw-sybk-uug8
22
vulnerability VCID-uw5p-szmd-8qcm
23
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.6-2%252Bdeb10u4
1
url pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
purl pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fms-7y9v-dfc5
1
vulnerability VCID-77y6-jskt-qucb
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-d26t-ex9d-x3ev
4
vulnerability VCID-gtcn-kyd2-xqdk
5
vulnerability VCID-jqe4-44gw-wbhu
6
vulnerability VCID-k2kp-fv3q-vyh2
7
vulnerability VCID-nguf-68jf-ryaz
8
vulnerability VCID-nktd-7gph-kkb1
9
vulnerability VCID-nw3z-nwyg-87e5
10
vulnerability VCID-qmx9-wkj4-67h3
11
vulnerability VCID-u5pr-wheu-h7c6
12
vulnerability VCID-utz3-ytaf-cbht
13
vulnerability VCID-v41j-xj8s-m7ar
14
vulnerability VCID-yw8s-ezc7-6ub8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.10-2%252Bdeb11u5
aliases CVE-2022-25235
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nw7y-2xct-8fa5
25
url VCID-pba8-g9ts-43bw
vulnerability_id VCID-pba8-g9ts-43bw
summary Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40674.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40674.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-40674
reference_id
reference_type
scores
0
value 0.01087
scoring_system epss
scoring_elements 0.77913
published_at 2026-04-13T12:55:00Z
1
value 0.01087
scoring_system epss
scoring_elements 0.77888
published_at 2026-04-04T12:55:00Z
2
value 0.01087
scoring_system epss
scoring_elements 0.77861
published_at 2026-04-02T12:55:00Z
3
value 0.01087
scoring_system epss
scoring_elements 0.7793
published_at 2026-04-11T12:55:00Z
4
value 0.01087
scoring_system epss
scoring_elements 0.77903
published_at 2026-04-09T12:55:00Z
5
value 0.01087
scoring_system epss
scoring_elements 0.77898
published_at 2026-04-08T12:55:00Z
6
value 0.01087
scoring_system epss
scoring_elements 0.77871
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-40674
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019761
reference_id 1019761
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019761
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2130769
reference_id 2130769
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2130769
6
reference_url https://github.com/libexpat/libexpat/pull/629
reference_id 629
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-30T19:17:58Z/
url https://github.com/libexpat/libexpat/pull/629
7
reference_url https://github.com/libexpat/libexpat/pull/640
reference_id 640
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-30T19:17:58Z/
url https://github.com/libexpat/libexpat/pull/640
8
reference_url https://security.archlinux.org/AVG-2815
reference_id AVG-2815
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2815
9
reference_url https://www.debian.org/security/2022/dsa-5236
reference_id dsa-5236
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-30T19:17:58Z/
url https://www.debian.org/security/2022/dsa-5236
10
reference_url https://security.gentoo.org/glsa/202209-24
reference_id GLSA-202209-24
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-30T19:17:58Z/
url https://security.gentoo.org/glsa/202209-24
11
reference_url https://security.gentoo.org/glsa/202211-06
reference_id GLSA-202211-06
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-30T19:17:58Z/
url https://security.gentoo.org/glsa/202211-06
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GSVZN3IJ6OCPSJL7AEX3ZHSHAHFOGESK/
reference_id GSVZN3IJ6OCPSJL7AEX3ZHSHAHFOGESK
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-30T19:17:58Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GSVZN3IJ6OCPSJL7AEX3ZHSHAHFOGESK/
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J2IGJNHFV53PYST7VQV3T4NHVYAMXA36/
reference_id J2IGJNHFV53PYST7VQV3T4NHVYAMXA36
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-30T19:17:58Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J2IGJNHFV53PYST7VQV3T4NHVYAMXA36/
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LQB6FJAM5YQ35SF5B2MN25Y2FX56EOEZ/
reference_id LQB6FJAM5YQ35SF5B2MN25Y2FX56EOEZ
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-30T19:17:58Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LQB6FJAM5YQ35SF5B2MN25Y2FX56EOEZ/
15
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2022-47
reference_id mfsa2022-47
reference_type
scores
0
value high
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2022-47
16
reference_url https://lists.debian.org/debian-lts-announce/2022/09/msg00029.html
reference_id msg00029.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-30T19:17:58Z/
url https://lists.debian.org/debian-lts-announce/2022/09/msg00029.html
17
reference_url https://security.netapp.com/advisory/ntap-20221028-0008/
reference_id ntap-20221028-0008
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-30T19:17:58Z/
url https://security.netapp.com/advisory/ntap-20221028-0008/
18
reference_url https://access.redhat.com/errata/RHSA-2022:6831
reference_id RHSA-2022:6831
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6831
19
reference_url https://access.redhat.com/errata/RHSA-2022:6832
reference_id RHSA-2022:6832
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6832
20
reference_url https://access.redhat.com/errata/RHSA-2022:6833
reference_id RHSA-2022:6833
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6833
21
reference_url https://access.redhat.com/errata/RHSA-2022:6834
reference_id RHSA-2022:6834
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6834
22
reference_url https://access.redhat.com/errata/RHSA-2022:6838
reference_id RHSA-2022:6838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6838
23
reference_url https://access.redhat.com/errata/RHSA-2022:6878
reference_id RHSA-2022:6878
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6878
24
reference_url https://access.redhat.com/errata/RHSA-2022:6921
reference_id RHSA-2022:6921
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6921
25
reference_url https://access.redhat.com/errata/RHSA-2022:6967
reference_id RHSA-2022:6967
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6967
26
reference_url https://access.redhat.com/errata/RHSA-2022:6995
reference_id RHSA-2022:6995
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6995
27
reference_url https://access.redhat.com/errata/RHSA-2022:6996
reference_id RHSA-2022:6996
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6996
28
reference_url https://access.redhat.com/errata/RHSA-2022:6997
reference_id RHSA-2022:6997
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6997
29
reference_url https://access.redhat.com/errata/RHSA-2022:6998
reference_id RHSA-2022:6998
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6998
30
reference_url https://access.redhat.com/errata/RHSA-2022:7019
reference_id RHSA-2022:7019
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7019
31
reference_url https://access.redhat.com/errata/RHSA-2022:7020
reference_id RHSA-2022:7020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7020
32
reference_url https://access.redhat.com/errata/RHSA-2022:7021
reference_id RHSA-2022:7021
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7021
33
reference_url https://access.redhat.com/errata/RHSA-2022:7022
reference_id RHSA-2022:7022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7022
34
reference_url https://access.redhat.com/errata/RHSA-2022:7023
reference_id RHSA-2022:7023
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7023
35
reference_url https://access.redhat.com/errata/RHSA-2022:7024
reference_id RHSA-2022:7024
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7024
36
reference_url https://access.redhat.com/errata/RHSA-2022:7025
reference_id RHSA-2022:7025
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7025
37
reference_url https://access.redhat.com/errata/RHSA-2022:7026
reference_id RHSA-2022:7026
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7026
38
reference_url https://access.redhat.com/errata/RHSA-2022:8598
reference_id RHSA-2022:8598
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8598
39
reference_url https://access.redhat.com/errata/RHSA-2022:8841
reference_id RHSA-2022:8841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8841
40
reference_url https://access.redhat.com/errata/RHSA-2023:3068
reference_id RHSA-2023:3068
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3068
41
reference_url https://usn.ubuntu.com/5638-1/
reference_id USN-5638-1
reference_type
scores
url https://usn.ubuntu.com/5638-1/
42
reference_url https://usn.ubuntu.com/5638-2/
reference_id USN-5638-2
reference_type
scores
url https://usn.ubuntu.com/5638-2/
43
reference_url https://usn.ubuntu.com/5638-4/
reference_id USN-5638-4
reference_type
scores
url https://usn.ubuntu.com/5638-4/
44
reference_url https://usn.ubuntu.com/5726-1/
reference_id USN-5726-1
reference_type
scores
url https://usn.ubuntu.com/5726-1/
45
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2ZKEPGFCZ7R6DRVH3K6RBJPT42ZBEG/
reference_id WE2ZKEPGFCZ7R6DRVH3K6RBJPT42ZBEG
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-30T19:17:58Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WE2ZKEPGFCZ7R6DRVH3K6RBJPT42ZBEG/
46
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCGBVQQ47URGJAZWHCISHDWF6QBTV2LE/
reference_id XCGBVQQ47URGJAZWHCISHDWF6QBTV2LE
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-30T19:17:58Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCGBVQQ47URGJAZWHCISHDWF6QBTV2LE/
fixed_packages
0
url pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
purl pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fms-7y9v-dfc5
1
vulnerability VCID-77y6-jskt-qucb
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-d26t-ex9d-x3ev
4
vulnerability VCID-gtcn-kyd2-xqdk
5
vulnerability VCID-jqe4-44gw-wbhu
6
vulnerability VCID-k2kp-fv3q-vyh2
7
vulnerability VCID-nguf-68jf-ryaz
8
vulnerability VCID-nktd-7gph-kkb1
9
vulnerability VCID-nw3z-nwyg-87e5
10
vulnerability VCID-qmx9-wkj4-67h3
11
vulnerability VCID-u5pr-wheu-h7c6
12
vulnerability VCID-utz3-ytaf-cbht
13
vulnerability VCID-v41j-xj8s-m7ar
14
vulnerability VCID-yw8s-ezc7-6ub8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.10-2%252Bdeb11u5
aliases CVE-2022-40674
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pba8-g9ts-43bw
26
url VCID-qcbz-21vm-eqfd
vulnerability_id VCID-qcbz-21vm-eqfd
summary 
Multiple vulnerabilities have been found in Expat, the worst of
    which may allow execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1283.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1283.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-1283
reference_id
reference_type
scores
0
value 0.00521
scoring_system epss
scoring_elements 0.66862
published_at 2026-04-13T12:55:00Z
1
value 0.00521
scoring_system epss
scoring_elements 0.6679
published_at 2026-04-01T12:55:00Z
2
value 0.00521
scoring_system epss
scoring_elements 0.66829
published_at 2026-04-02T12:55:00Z
3
value 0.00521
scoring_system epss
scoring_elements 0.66854
published_at 2026-04-04T12:55:00Z
4
value 0.00521
scoring_system epss
scoring_elements 0.66826
published_at 2026-04-07T12:55:00Z
5
value 0.00521
scoring_system epss
scoring_elements 0.66875
published_at 2026-04-08T12:55:00Z
6
value 0.00521
scoring_system epss
scoring_elements 0.66889
published_at 2026-04-09T12:55:00Z
7
value 0.00521
scoring_system epss
scoring_elements 0.66908
published_at 2026-04-11T12:55:00Z
8
value 0.00521
scoring_system epss
scoring_elements 0.66894
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-1283
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1266
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1266
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1267
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1267
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1268
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1268
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1269
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1269
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1270
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1270
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1271
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1271
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1272
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1272
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1273
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1273
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1274
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1274
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1276
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1276
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1277
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1277
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1278
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1278
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1279
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1279
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1280
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1280
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1281
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1281
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1282
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1282
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1284
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1284
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1285
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1285
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1286
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1286
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1287
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1287
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1288
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1288
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1289
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1289
25
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
26
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1245587
reference_id 1245587
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1245587
27
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793484
reference_id 793484
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793484
28
reference_url https://security.gentoo.org/glsa/201603-09
reference_id GLSA-201603-09
reference_type
scores
url https://security.gentoo.org/glsa/201603-09
29
reference_url https://security.gentoo.org/glsa/201701-21
reference_id GLSA-201701-21
reference_type
scores
url https://security.gentoo.org/glsa/201701-21
30
reference_url https://access.redhat.com/errata/RHSA-2015:1499
reference_id RHSA-2015:1499
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1499
31
reference_url https://usn.ubuntu.com/2677-1/
reference_id USN-2677-1
reference_type
scores
url https://usn.ubuntu.com/2677-1/
32
reference_url https://usn.ubuntu.com/2726-1/
reference_id USN-2726-1
reference_type
scores
url https://usn.ubuntu.com/2726-1/
33
reference_url https://usn.ubuntu.com/3013-1/
reference_id USN-3013-1
reference_type
scores
url https://usn.ubuntu.com/3013-1/
34
reference_url https://usn.ubuntu.com/7199-1/
reference_id USN-7199-1
reference_type
scores
url https://usn.ubuntu.com/7199-1/
35
reference_url https://usn.ubuntu.com/USN-4772-1/
reference_id USN-USN-4772-1
reference_type
scores
url https://usn.ubuntu.com/USN-4772-1/
36
reference_url https://usn.ubuntu.com/USN-5455-1/
reference_id USN-USN-5455-1
reference_type
scores
url https://usn.ubuntu.com/USN-5455-1/
fixed_packages
0
url pkg:deb/debian/expat@2.1.0-1%2Bdeb7u2
purl pkg:deb/debian/expat@2.1.0-1%2Bdeb7u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-3465-gq22-3kfy
2
vulnerability VCID-4c32-p11r-zud5
3
vulnerability VCID-6c4q-2my8-aqbc
4
vulnerability VCID-6pk2-g77j-h3b2
5
vulnerability VCID-7ndj-4zn8-cqa4
6
vulnerability VCID-94fm-s7mp-vfdb
7
vulnerability VCID-96wu-nph4-5yb5
8
vulnerability VCID-9ern-6htc-p7c4
9
vulnerability VCID-cy2n-zexk-jyda
10
vulnerability VCID-d26t-ex9d-x3ev
11
vulnerability VCID-dy3x-vd1y-dbbn
12
vulnerability VCID-gf3f-k2be-67e2
13
vulnerability VCID-gtcn-kyd2-xqdk
14
vulnerability VCID-h5xc-cubs-5fgu
15
vulnerability VCID-k2kp-fv3q-vyh2
16
vulnerability VCID-kp8z-47q5-n7es
17
vulnerability VCID-mddr-7zar-6kfn
18
vulnerability VCID-n7m1-6qrq-auaf
19
vulnerability VCID-naf7-p1jf-z3ds
20
vulnerability VCID-nmh4-zpeh-4bcr
21
vulnerability VCID-nw3z-nwyg-87e5
22
vulnerability VCID-nw7y-2xct-8fa5
23
vulnerability VCID-pba8-g9ts-43bw
24
vulnerability VCID-qcbz-21vm-eqfd
25
vulnerability VCID-r14v-u2r3-rkhz
26
vulnerability VCID-rjbn-1a88-87cj
27
vulnerability VCID-th9f-gg4v-bbbe
28
vulnerability VCID-tt7m-c9zc-1kem
29
vulnerability VCID-u2yw-sybk-uug8
30
vulnerability VCID-uw5p-szmd-8qcm
31
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.1.0-1%252Bdeb7u2
1
url pkg:deb/debian/expat@2.1.0-6%2Bdeb8u4
purl pkg:deb/debian/expat@2.1.0-6%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-3465-gq22-3kfy
2
vulnerability VCID-4c32-p11r-zud5
3
vulnerability VCID-6c4q-2my8-aqbc
4
vulnerability VCID-6pk2-g77j-h3b2
5
vulnerability VCID-7ndj-4zn8-cqa4
6
vulnerability VCID-94fm-s7mp-vfdb
7
vulnerability VCID-96wu-nph4-5yb5
8
vulnerability VCID-9ern-6htc-p7c4
9
vulnerability VCID-cy2n-zexk-jyda
10
vulnerability VCID-d26t-ex9d-x3ev
11
vulnerability VCID-dy3x-vd1y-dbbn
12
vulnerability VCID-gf3f-k2be-67e2
13
vulnerability VCID-gtcn-kyd2-xqdk
14
vulnerability VCID-h5xc-cubs-5fgu
15
vulnerability VCID-k2kp-fv3q-vyh2
16
vulnerability VCID-kp8z-47q5-n7es
17
vulnerability VCID-mddr-7zar-6kfn
18
vulnerability VCID-n7m1-6qrq-auaf
19
vulnerability VCID-naf7-p1jf-z3ds
20
vulnerability VCID-nmh4-zpeh-4bcr
21
vulnerability VCID-nw3z-nwyg-87e5
22
vulnerability VCID-nw7y-2xct-8fa5
23
vulnerability VCID-pba8-g9ts-43bw
24
vulnerability VCID-qcbz-21vm-eqfd
25
vulnerability VCID-r14v-u2r3-rkhz
26
vulnerability VCID-rjbn-1a88-87cj
27
vulnerability VCID-th9f-gg4v-bbbe
28
vulnerability VCID-tt7m-c9zc-1kem
29
vulnerability VCID-u2yw-sybk-uug8
30
vulnerability VCID-uw5p-szmd-8qcm
31
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.1.0-6%252Bdeb8u4
2
url pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3
purl pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-naf7-p1jf-z3ds
15
vulnerability VCID-nmh4-zpeh-4bcr
16
vulnerability VCID-nw3z-nwyg-87e5
17
vulnerability VCID-nw7y-2xct-8fa5
18
vulnerability VCID-pba8-g9ts-43bw
19
vulnerability VCID-r14v-u2r3-rkhz
20
vulnerability VCID-rjbn-1a88-87cj
21
vulnerability VCID-th9f-gg4v-bbbe
22
vulnerability VCID-tt7m-c9zc-1kem
23
vulnerability VCID-u2yw-sybk-uug8
24
vulnerability VCID-uw5p-szmd-8qcm
25
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.0-2%252Bdeb9u3
aliases CVE-2015-1283
risk_score 1.7
exploitability 0.5
weighted_severity 3.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qcbz-21vm-eqfd
27
url VCID-qtav-hqnd-b7fa
vulnerability_id VCID-qtav-hqnd-b7fa
summary A buffer over-read flaw was found in the bundled expat library. An attacker who is able to get Apache to parse an untrused XML document (for example through mod_dav) may be able to cause a crash. This crash would only be a denial of service if using the worker MPM.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3560.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3560.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-3560
reference_id
reference_type
scores
0
value 0.0283
scoring_system epss
scoring_elements 0.86182
published_at 2026-04-11T12:55:00Z
1
value 0.0283
scoring_system epss
scoring_elements 0.86111
published_at 2026-04-01T12:55:00Z
2
value 0.0283
scoring_system epss
scoring_elements 0.86121
published_at 2026-04-02T12:55:00Z
3
value 0.0283
scoring_system epss
scoring_elements 0.86137
published_at 2026-04-07T12:55:00Z
4
value 0.0283
scoring_system epss
scoring_elements 0.86156
published_at 2026-04-08T12:55:00Z
5
value 0.0283
scoring_system epss
scoring_elements 0.86168
published_at 2026-04-09T12:55:00Z
6
value 0.03311
scoring_system epss
scoring_elements 0.87253
published_at 2026-04-13T12:55:00Z
7
value 0.03311
scoring_system epss
scoring_elements 0.87257
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-3560
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=533174
reference_id 533174
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=533174
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560901
reference_id 560901
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560901
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919
reference_id 560919
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560919
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920
reference_id 560920
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560920
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921
reference_id 560921
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560921
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922
reference_id 560922
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560922
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926
reference_id 560926
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560926
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927
reference_id 560927
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560927
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928
reference_id 560928
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560928
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929
reference_id 560929
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560929
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930
reference_id 560930
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560930
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935
reference_id 560935
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560935
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936
reference_id 560936
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560936
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937
reference_id 560937
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560937
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940
reference_id 560940
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560940
18
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942
reference_id 560942
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560942
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053
reference_id 601053
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=601053
20
reference_url https://httpd.apache.org/security/json/CVE-2009-3560.json
reference_id CVE-2009-3560
reference_type
scores
0
value low
scoring_system apache_httpd
scoring_elements
url https://httpd.apache.org/security/json/CVE-2009-3560.json
21
reference_url https://security.gentoo.org/glsa/201209-06
reference_id GLSA-201209-06
reference_type
scores
url https://security.gentoo.org/glsa/201209-06
22
reference_url https://access.redhat.com/errata/RHSA-2009:1625
reference_id RHSA-2009:1625
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1625
23
reference_url https://access.redhat.com/errata/RHSA-2017:3239
reference_id RHSA-2017:3239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3239
24
reference_url https://usn.ubuntu.com/890-1/
reference_id USN-890-1
reference_type
scores
url https://usn.ubuntu.com/890-1/
25
reference_url https://usn.ubuntu.com/890-2/
reference_id USN-890-2
reference_type
scores
url https://usn.ubuntu.com/890-2/
26
reference_url https://usn.ubuntu.com/890-3/
reference_id USN-890-3
reference_type
scores
url https://usn.ubuntu.com/890-3/
27
reference_url https://usn.ubuntu.com/890-4/
reference_id USN-890-4
reference_type
scores
url https://usn.ubuntu.com/890-4/
28
reference_url https://usn.ubuntu.com/890-5/
reference_id USN-890-5
reference_type
scores
url https://usn.ubuntu.com/890-5/
29
reference_url https://usn.ubuntu.com/890-6/
reference_id USN-890-6
reference_type
scores
url https://usn.ubuntu.com/890-6/
fixed_packages
0
url pkg:deb/debian/expat@2.0.1-7%2Bsqueeze1
purl pkg:deb/debian/expat@2.0.1-7%2Bsqueeze1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-3465-gq22-3kfy
2
vulnerability VCID-4c32-p11r-zud5
3
vulnerability VCID-6c4q-2my8-aqbc
4
vulnerability VCID-6pk2-g77j-h3b2
5
vulnerability VCID-7ndj-4zn8-cqa4
6
vulnerability VCID-94fm-s7mp-vfdb
7
vulnerability VCID-96wu-nph4-5yb5
8
vulnerability VCID-9ern-6htc-p7c4
9
vulnerability VCID-cy2n-zexk-jyda
10
vulnerability VCID-d26t-ex9d-x3ev
11
vulnerability VCID-dy3x-vd1y-dbbn
12
vulnerability VCID-e742-j1bw-jbbh
13
vulnerability VCID-gf3f-k2be-67e2
14
vulnerability VCID-gtcn-kyd2-xqdk
15
vulnerability VCID-h5xc-cubs-5fgu
16
vulnerability VCID-k2kp-fv3q-vyh2
17
vulnerability VCID-kp8z-47q5-n7es
18
vulnerability VCID-mddr-7zar-6kfn
19
vulnerability VCID-n7m1-6qrq-auaf
20
vulnerability VCID-naf7-p1jf-z3ds
21
vulnerability VCID-nmh4-zpeh-4bcr
22
vulnerability VCID-nw3z-nwyg-87e5
23
vulnerability VCID-nw7y-2xct-8fa5
24
vulnerability VCID-pba8-g9ts-43bw
25
vulnerability VCID-qcbz-21vm-eqfd
26
vulnerability VCID-r14v-u2r3-rkhz
27
vulnerability VCID-ra3j-95vv-cfen
28
vulnerability VCID-rjbn-1a88-87cj
29
vulnerability VCID-th9f-gg4v-bbbe
30
vulnerability VCID-tt7m-c9zc-1kem
31
vulnerability VCID-u2yw-sybk-uug8
32
vulnerability VCID-uw5p-szmd-8qcm
33
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.0.1-7%252Bsqueeze1
aliases CVE-2009-3560
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qtav-hqnd-b7fa
28
url VCID-r14v-u2r3-rkhz
vulnerability_id VCID-r14v-u2r3-rkhz
summary security update
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9233.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9233.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9233
reference_id
reference_type
scores
0
value 0.00252
scoring_system epss
scoring_elements 0.4851
published_at 2026-04-01T12:55:00Z
1
value 0.00252
scoring_system epss
scoring_elements 0.48578
published_at 2026-04-13T12:55:00Z
2
value 0.00252
scoring_system epss
scoring_elements 0.48575
published_at 2026-04-08T12:55:00Z
3
value 0.00252
scoring_system epss
scoring_elements 0.48571
published_at 2026-04-09T12:55:00Z
4
value 0.00252
scoring_system epss
scoring_elements 0.48592
published_at 2026-04-11T12:55:00Z
5
value 0.00252
scoring_system epss
scoring_elements 0.48565
published_at 2026-04-12T12:55:00Z
6
value 0.00252
scoring_system epss
scoring_elements 0.48546
published_at 2026-04-02T12:55:00Z
7
value 0.00252
scoring_system epss
scoring_elements 0.48569
published_at 2026-04-04T12:55:00Z
8
value 0.00252
scoring_system epss
scoring_elements 0.48521
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9233
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9233
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9233
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1462729
reference_id 1462729
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1462729
5
reference_url https://security.archlinux.org/ASA-201706-32
reference_id ASA-201706-32
reference_type
scores
url https://security.archlinux.org/ASA-201706-32
6
reference_url https://security.archlinux.org/ASA-201707-27
reference_id ASA-201707-27
reference_type
scores
url https://security.archlinux.org/ASA-201707-27
7
reference_url https://security.archlinux.org/AVG-305
reference_id AVG-305
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-305
8
reference_url https://security.archlinux.org/AVG-306
reference_id AVG-306
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-306
9
reference_url https://usn.ubuntu.com/3356-1/
reference_id USN-3356-1
reference_type
scores
url https://usn.ubuntu.com/3356-1/
10
reference_url https://usn.ubuntu.com/3356-2/
reference_id USN-3356-2
reference_type
scores
url https://usn.ubuntu.com/3356-2/
11
reference_url https://usn.ubuntu.com/USN-4825-1/
reference_id USN-USN-4825-1
reference_type
scores
url https://usn.ubuntu.com/USN-4825-1/
fixed_packages
0
url pkg:deb/debian/expat@2.1.0-6%2Bdeb8u4
purl pkg:deb/debian/expat@2.1.0-6%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-3465-gq22-3kfy
2
vulnerability VCID-4c32-p11r-zud5
3
vulnerability VCID-6c4q-2my8-aqbc
4
vulnerability VCID-6pk2-g77j-h3b2
5
vulnerability VCID-7ndj-4zn8-cqa4
6
vulnerability VCID-94fm-s7mp-vfdb
7
vulnerability VCID-96wu-nph4-5yb5
8
vulnerability VCID-9ern-6htc-p7c4
9
vulnerability VCID-cy2n-zexk-jyda
10
vulnerability VCID-d26t-ex9d-x3ev
11
vulnerability VCID-dy3x-vd1y-dbbn
12
vulnerability VCID-gf3f-k2be-67e2
13
vulnerability VCID-gtcn-kyd2-xqdk
14
vulnerability VCID-h5xc-cubs-5fgu
15
vulnerability VCID-k2kp-fv3q-vyh2
16
vulnerability VCID-kp8z-47q5-n7es
17
vulnerability VCID-mddr-7zar-6kfn
18
vulnerability VCID-n7m1-6qrq-auaf
19
vulnerability VCID-naf7-p1jf-z3ds
20
vulnerability VCID-nmh4-zpeh-4bcr
21
vulnerability VCID-nw3z-nwyg-87e5
22
vulnerability VCID-nw7y-2xct-8fa5
23
vulnerability VCID-pba8-g9ts-43bw
24
vulnerability VCID-qcbz-21vm-eqfd
25
vulnerability VCID-r14v-u2r3-rkhz
26
vulnerability VCID-rjbn-1a88-87cj
27
vulnerability VCID-th9f-gg4v-bbbe
28
vulnerability VCID-tt7m-c9zc-1kem
29
vulnerability VCID-u2yw-sybk-uug8
30
vulnerability VCID-uw5p-szmd-8qcm
31
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.1.0-6%252Bdeb8u4
1
url pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3
purl pkg:deb/debian/expat@2.2.0-2%2Bdeb9u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-naf7-p1jf-z3ds
15
vulnerability VCID-nmh4-zpeh-4bcr
16
vulnerability VCID-nw3z-nwyg-87e5
17
vulnerability VCID-nw7y-2xct-8fa5
18
vulnerability VCID-pba8-g9ts-43bw
19
vulnerability VCID-r14v-u2r3-rkhz
20
vulnerability VCID-rjbn-1a88-87cj
21
vulnerability VCID-th9f-gg4v-bbbe
22
vulnerability VCID-tt7m-c9zc-1kem
23
vulnerability VCID-u2yw-sybk-uug8
24
vulnerability VCID-uw5p-szmd-8qcm
25
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.0-2%252Bdeb9u3
2
url pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
purl pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-nmh4-zpeh-4bcr
15
vulnerability VCID-nw3z-nwyg-87e5
16
vulnerability VCID-nw7y-2xct-8fa5
17
vulnerability VCID-pba8-g9ts-43bw
18
vulnerability VCID-rjbn-1a88-87cj
19
vulnerability VCID-th9f-gg4v-bbbe
20
vulnerability VCID-tt7m-c9zc-1kem
21
vulnerability VCID-u2yw-sybk-uug8
22
vulnerability VCID-uw5p-szmd-8qcm
23
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.6-2%252Bdeb10u4
aliases CVE-2017-9233
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r14v-u2r3-rkhz
29
url VCID-ra3j-95vv-cfen
vulnerability_id VCID-ra3j-95vv-cfen
summary 
Multiple vulnerabilities have been found in Expat, possibly
    resulting in Denial of Service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0876.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0876.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-0876
reference_id
reference_type
scores
0
value 0.00306
scoring_system epss
scoring_elements 0.53862
published_at 2026-04-13T12:55:00Z
1
value 0.00306
scoring_system epss
scoring_elements 0.53778
published_at 2026-04-01T12:55:00Z
2
value 0.00306
scoring_system epss
scoring_elements 0.53797
published_at 2026-04-07T12:55:00Z
3
value 0.00306
scoring_system epss
scoring_elements 0.53824
published_at 2026-04-04T12:55:00Z
4
value 0.00306
scoring_system epss
scoring_elements 0.53849
published_at 2026-04-08T12:55:00Z
5
value 0.00306
scoring_system epss
scoring_elements 0.53847
published_at 2026-04-09T12:55:00Z
6
value 0.00306
scoring_system epss
scoring_elements 0.53895
published_at 2026-04-11T12:55:00Z
7
value 0.00306
scoring_system epss
scoring_elements 0.53878
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-0876
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0876
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0876
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=663579
reference_id 663579
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=663579
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687672
reference_id 687672
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687672
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=786617
reference_id 786617
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=786617
7
reference_url https://security.gentoo.org/glsa/201209-06
reference_id GLSA-201209-06
reference_type
scores
url https://security.gentoo.org/glsa/201209-06
8
reference_url https://access.redhat.com/errata/RHSA-2012:0731
reference_id RHSA-2012:0731
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0731
9
reference_url https://access.redhat.com/errata/RHSA-2016:0062
reference_id RHSA-2016:0062
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0062
10
reference_url https://access.redhat.com/errata/RHSA-2016:2957
reference_id RHSA-2016:2957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2957
11
reference_url https://access.redhat.com/errata/RHSA-2017:3239
reference_id RHSA-2017:3239
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:3239
12
reference_url https://usn.ubuntu.com/1527-1/
reference_id USN-1527-1
reference_type
scores
url https://usn.ubuntu.com/1527-1/
13
reference_url https://usn.ubuntu.com/1527-2/
reference_id USN-1527-2
reference_type
scores
url https://usn.ubuntu.com/1527-2/
14
reference_url https://usn.ubuntu.com/1613-1/
reference_id USN-1613-1
reference_type
scores
url https://usn.ubuntu.com/1613-1/
15
reference_url https://usn.ubuntu.com/1613-2/
reference_id USN-1613-2
reference_type
scores
url https://usn.ubuntu.com/1613-2/
fixed_packages
0
url pkg:deb/debian/expat@2.1.0-1%2Bdeb7u2
purl pkg:deb/debian/expat@2.1.0-1%2Bdeb7u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-3465-gq22-3kfy
2
vulnerability VCID-4c32-p11r-zud5
3
vulnerability VCID-6c4q-2my8-aqbc
4
vulnerability VCID-6pk2-g77j-h3b2
5
vulnerability VCID-7ndj-4zn8-cqa4
6
vulnerability VCID-94fm-s7mp-vfdb
7
vulnerability VCID-96wu-nph4-5yb5
8
vulnerability VCID-9ern-6htc-p7c4
9
vulnerability VCID-cy2n-zexk-jyda
10
vulnerability VCID-d26t-ex9d-x3ev
11
vulnerability VCID-dy3x-vd1y-dbbn
12
vulnerability VCID-gf3f-k2be-67e2
13
vulnerability VCID-gtcn-kyd2-xqdk
14
vulnerability VCID-h5xc-cubs-5fgu
15
vulnerability VCID-k2kp-fv3q-vyh2
16
vulnerability VCID-kp8z-47q5-n7es
17
vulnerability VCID-mddr-7zar-6kfn
18
vulnerability VCID-n7m1-6qrq-auaf
19
vulnerability VCID-naf7-p1jf-z3ds
20
vulnerability VCID-nmh4-zpeh-4bcr
21
vulnerability VCID-nw3z-nwyg-87e5
22
vulnerability VCID-nw7y-2xct-8fa5
23
vulnerability VCID-pba8-g9ts-43bw
24
vulnerability VCID-qcbz-21vm-eqfd
25
vulnerability VCID-r14v-u2r3-rkhz
26
vulnerability VCID-rjbn-1a88-87cj
27
vulnerability VCID-th9f-gg4v-bbbe
28
vulnerability VCID-tt7m-c9zc-1kem
29
vulnerability VCID-u2yw-sybk-uug8
30
vulnerability VCID-uw5p-szmd-8qcm
31
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.1.0-1%252Bdeb7u2
aliases CVE-2012-0876
risk_score 1.3
exploitability 0.5
weighted_severity 2.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ra3j-95vv-cfen
30
url VCID-rjbn-1a88-87cj
vulnerability_id VCID-rjbn-1a88-87cj
summary A vulnerability has been found in Expat which could result in denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43680.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43680.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-43680
reference_id
reference_type
scores
0
value 0.00557
scoring_system epss
scoring_elements 0.68138
published_at 2026-04-02T12:55:00Z
1
value 0.00557
scoring_system epss
scoring_elements 0.68177
published_at 2026-04-13T12:55:00Z
2
value 0.00557
scoring_system epss
scoring_elements 0.68155
published_at 2026-04-04T12:55:00Z
3
value 0.00557
scoring_system epss
scoring_elements 0.68132
published_at 2026-04-07T12:55:00Z
4
value 0.00557
scoring_system epss
scoring_elements 0.68184
published_at 2026-04-08T12:55:00Z
5
value 0.00557
scoring_system epss
scoring_elements 0.68199
published_at 2026-04-09T12:55:00Z
6
value 0.00557
scoring_system epss
scoring_elements 0.68224
published_at 2026-04-11T12:55:00Z
7
value 0.00557
scoring_system epss
scoring_elements 0.6821
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-43680
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43680
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43680
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022743
reference_id 1022743
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022743
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2140059
reference_id 2140059
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2140059
6
reference_url http://www.openwall.com/lists/oss-security/2023/12/28/5
reference_id 5
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:19:46Z/
url http://www.openwall.com/lists/oss-security/2023/12/28/5
7
reference_url http://www.openwall.com/lists/oss-security/2024/01/03/5
reference_id 5
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:19:46Z/
url http://www.openwall.com/lists/oss-security/2024/01/03/5
8
reference_url https://github.com/libexpat/libexpat/pull/616
reference_id 616
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:19:46Z/
url https://github.com/libexpat/libexpat/pull/616
9
reference_url https://github.com/libexpat/libexpat/issues/649
reference_id 649
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:19:46Z/
url https://github.com/libexpat/libexpat/issues/649
10
reference_url https://github.com/libexpat/libexpat/pull/650
reference_id 650
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:19:46Z/
url https://github.com/libexpat/libexpat/pull/650
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE/
reference_id AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:19:46Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE/
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D/
reference_id BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:19:46Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY4D/
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DPQVIF6TOJNY2T3ZZETFKR4G34FFREBQ/
reference_id DPQVIF6TOJNY2T3ZZETFKR4G34FFREBQ
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:19:46Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DPQVIF6TOJNY2T3ZZETFKR4G34FFREBQ/
14
reference_url https://www.debian.org/security/2022/dsa-5266
reference_id dsa-5266
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:19:46Z/
url https://www.debian.org/security/2022/dsa-5266
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFCOMBSOJKLIKCGCJWHLJXO4EVYBG7AR/
reference_id FFCOMBSOJKLIKCGCJWHLJXO4EVYBG7AR
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:19:46Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FFCOMBSOJKLIKCGCJWHLJXO4EVYBG7AR/
16
reference_url https://security.gentoo.org/glsa/202210-38
reference_id GLSA-202210-38
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:19:46Z/
url https://security.gentoo.org/glsa/202210-38
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUJ2BULJTZ2BMSKQHB6US674P55UCWWS/
reference_id IUJ2BULJTZ2BMSKQHB6US674P55UCWWS
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:19:46Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IUJ2BULJTZ2BMSKQHB6US674P55UCWWS/
18
reference_url https://lists.debian.org/debian-lts-announce/2022/10/msg00033.html
reference_id msg00033.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:19:46Z/
url https://lists.debian.org/debian-lts-announce/2022/10/msg00033.html
19
reference_url https://security.netapp.com/advisory/ntap-20221118-0007/
reference_id ntap-20221118-0007
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:19:46Z/
url https://security.netapp.com/advisory/ntap-20221118-0007/
20
reference_url https://access.redhat.com/errata/RHSA-2022:8548
reference_id RHSA-2022:8548
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8548
21
reference_url https://access.redhat.com/errata/RHSA-2022:8549
reference_id RHSA-2022:8549
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8549
22
reference_url https://access.redhat.com/errata/RHSA-2022:8550
reference_id RHSA-2022:8550
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8550
23
reference_url https://access.redhat.com/errata/RHSA-2022:8553
reference_id RHSA-2022:8553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8553
24
reference_url https://access.redhat.com/errata/RHSA-2022:8554
reference_id RHSA-2022:8554
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8554
25
reference_url https://access.redhat.com/errata/RHSA-2023:0103
reference_id RHSA-2023:0103
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0103
26
reference_url https://access.redhat.com/errata/RHSA-2023:0337
reference_id RHSA-2023:0337
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0337
27
reference_url https://access.redhat.com/errata/RHSA-2023:3355
reference_id RHSA-2023:3355
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3355
28
reference_url https://access.redhat.com/errata/RHSA-2024:0421
reference_id RHSA-2024:0421
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0421
29
reference_url https://access.redhat.com/errata/RHSA-2025:22785
reference_id RHSA-2025:22785
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22785
30
reference_url https://access.redhat.com/errata/RHSA-2025:22871
reference_id RHSA-2025:22871
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22871
31
reference_url https://usn.ubuntu.com/5638-2/
reference_id USN-5638-2
reference_type
scores
url https://usn.ubuntu.com/5638-2/
32
reference_url https://usn.ubuntu.com/5638-3/
reference_id USN-5638-3
reference_type
scores
url https://usn.ubuntu.com/5638-3/
33
reference_url https://usn.ubuntu.com/5638-4/
reference_id USN-5638-4
reference_type
scores
url https://usn.ubuntu.com/5638-4/
34
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5XOOB7CD55CEE6OJYKSACSIMQ4RWQ6/
reference_id XG5XOOB7CD55CEE6OJYKSACSIMQ4RWQ6
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-30T19:19:46Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5XOOB7CD55CEE6OJYKSACSIMQ4RWQ6/
fixed_packages
0
url pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
purl pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fms-7y9v-dfc5
1
vulnerability VCID-77y6-jskt-qucb
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-d26t-ex9d-x3ev
4
vulnerability VCID-gtcn-kyd2-xqdk
5
vulnerability VCID-jqe4-44gw-wbhu
6
vulnerability VCID-k2kp-fv3q-vyh2
7
vulnerability VCID-nguf-68jf-ryaz
8
vulnerability VCID-nktd-7gph-kkb1
9
vulnerability VCID-nw3z-nwyg-87e5
10
vulnerability VCID-qmx9-wkj4-67h3
11
vulnerability VCID-u5pr-wheu-h7c6
12
vulnerability VCID-utz3-ytaf-cbht
13
vulnerability VCID-v41j-xj8s-m7ar
14
vulnerability VCID-yw8s-ezc7-6ub8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.10-2%252Bdeb11u5
aliases CVE-2022-43680
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rjbn-1a88-87cj
31
url VCID-th9f-gg4v-bbbe
vulnerability_id VCID-th9f-gg4v-bbbe
summary Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25314.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25314.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-25314
reference_id
reference_type
scores
0
value 0.00365
scoring_system epss
scoring_elements 0.58529
published_at 2026-04-09T12:55:00Z
1
value 0.00365
scoring_system epss
scoring_elements 0.58479
published_at 2026-04-02T12:55:00Z
2
value 0.00365
scoring_system epss
scoring_elements 0.58507
published_at 2026-04-13T12:55:00Z
3
value 0.00365
scoring_system epss
scoring_elements 0.58527
published_at 2026-04-12T12:55:00Z
4
value 0.00365
scoring_system epss
scoring_elements 0.58546
published_at 2026-04-11T12:55:00Z
5
value 0.00365
scoring_system epss
scoring_elements 0.58499
published_at 2026-04-04T12:55:00Z
6
value 0.00365
scoring_system epss
scoring_elements 0.58471
published_at 2026-04-07T12:55:00Z
7
value 0.00365
scoring_system epss
scoring_elements 0.58523
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-25314
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25235
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25236
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25313
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25314
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25315
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url http://www.openwall.com/lists/oss-security/2022/02/19/1
reference_id 1
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:16Z/
url http://www.openwall.com/lists/oss-security/2022/02/19/1
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2056354
reference_id 2056354
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2056354
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
reference_id 3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:16Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/
11
reference_url https://github.com/libexpat/libexpat/pull/560
reference_id 560
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:16Z/
url https://github.com/libexpat/libexpat/pull/560
12
reference_url https://www.debian.org/security/2022/dsa-5085
reference_id dsa-5085
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:16Z/
url https://www.debian.org/security/2022/dsa-5085
13
reference_url https://security.gentoo.org/glsa/202209-24
reference_id GLSA-202209-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:16Z/
url https://security.gentoo.org/glsa/202209-24
14
reference_url https://security.netapp.com/advisory/ntap-20220303-0008/
reference_id ntap-20220303-0008
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:16Z/
url https://security.netapp.com/advisory/ntap-20220303-0008/
15
reference_url https://access.redhat.com/errata/RHSA-2022:5244
reference_id RHSA-2022:5244
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5244
16
reference_url https://access.redhat.com/errata/RHSA-2022:5314
reference_id RHSA-2022:5314
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:5314
17
reference_url https://access.redhat.com/errata/RHSA-2022:7144
reference_id RHSA-2022:7144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7144
18
reference_url https://access.redhat.com/errata/RHSA-2022:7811
reference_id RHSA-2022:7811
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7811
19
reference_url https://access.redhat.com/errata/RHSA-2025:22785
reference_id RHSA-2025:22785
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22785
20
reference_url https://access.redhat.com/errata/RHSA-2025:22871
reference_id RHSA-2025:22871
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22871
21
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
reference_id ssa-484086.pdf
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:16Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
22
reference_url https://usn.ubuntu.com/5320-1/
reference_id USN-5320-1
reference_type
scores
url https://usn.ubuntu.com/5320-1/
23
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
reference_id Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:16Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/
fixed_packages
0
url pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
purl pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-nmh4-zpeh-4bcr
15
vulnerability VCID-nw3z-nwyg-87e5
16
vulnerability VCID-nw7y-2xct-8fa5
17
vulnerability VCID-pba8-g9ts-43bw
18
vulnerability VCID-rjbn-1a88-87cj
19
vulnerability VCID-th9f-gg4v-bbbe
20
vulnerability VCID-tt7m-c9zc-1kem
21
vulnerability VCID-u2yw-sybk-uug8
22
vulnerability VCID-uw5p-szmd-8qcm
23
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.6-2%252Bdeb10u4
1
url pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
purl pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fms-7y9v-dfc5
1
vulnerability VCID-77y6-jskt-qucb
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-d26t-ex9d-x3ev
4
vulnerability VCID-gtcn-kyd2-xqdk
5
vulnerability VCID-jqe4-44gw-wbhu
6
vulnerability VCID-k2kp-fv3q-vyh2
7
vulnerability VCID-nguf-68jf-ryaz
8
vulnerability VCID-nktd-7gph-kkb1
9
vulnerability VCID-nw3z-nwyg-87e5
10
vulnerability VCID-qmx9-wkj4-67h3
11
vulnerability VCID-u5pr-wheu-h7c6
12
vulnerability VCID-utz3-ytaf-cbht
13
vulnerability VCID-v41j-xj8s-m7ar
14
vulnerability VCID-yw8s-ezc7-6ub8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.10-2%252Bdeb11u5
aliases CVE-2022-25314
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-th9f-gg4v-bbbe
32
url VCID-tt7m-c9zc-1kem
vulnerability_id VCID-tt7m-c9zc-1kem
summary Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23990.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23990.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23990
reference_id
reference_type
scores
0
value 0.03519
scoring_system epss
scoring_elements 0.87631
published_at 2026-04-08T12:55:00Z
1
value 0.03519
scoring_system epss
scoring_elements 0.87595
published_at 2026-04-02T12:55:00Z
2
value 0.03519
scoring_system epss
scoring_elements 0.87642
published_at 2026-04-13T12:55:00Z
3
value 0.03519
scoring_system epss
scoring_elements 0.87644
published_at 2026-04-12T12:55:00Z
4
value 0.03519
scoring_system epss
scoring_elements 0.87649
published_at 2026-04-11T12:55:00Z
5
value 0.03519
scoring_system epss
scoring_elements 0.87637
published_at 2026-04-09T12:55:00Z
6
value 0.03519
scoring_system epss
scoring_elements 0.87609
published_at 2026-04-04T12:55:00Z
7
value 0.03519
scoring_system epss
scoring_elements 0.87612
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23990
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2048356
reference_id 2048356
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2048356
14
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/34NXVL2RZC2YZRV74ZQ3RNFB7WCEUP7D/
reference_id 34NXVL2RZC2YZRV74ZQ3RNFB7WCEUP7D
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:20Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/34NXVL2RZC2YZRV74ZQ3RNFB7WCEUP7D/
15
reference_url https://github.com/libexpat/libexpat/pull/551
reference_id 551
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:20Z/
url https://github.com/libexpat/libexpat/pull/551
16
reference_url https://www.debian.org/security/2022/dsa-5073
reference_id dsa-5073
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:20Z/
url https://www.debian.org/security/2022/dsa-5073
17
reference_url https://security.gentoo.org/glsa/202209-24
reference_id GLSA-202209-24
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:20Z/
url https://security.gentoo.org/glsa/202209-24
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R7FF2UH7MPXKTADYSJUAHI2Y5UHBSHUH/
reference_id R7FF2UH7MPXKTADYSJUAHI2Y5UHBSHUH
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:20Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R7FF2UH7MPXKTADYSJUAHI2Y5UHBSHUH/
19
reference_url https://access.redhat.com/errata/RHSA-2022:7144
reference_id RHSA-2022:7144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7144
20
reference_url https://access.redhat.com/errata/RHSA-2022:7811
reference_id RHSA-2022:7811
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7811
21
reference_url https://access.redhat.com/errata/RHSA-2025:21776
reference_id RHSA-2025:21776
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21776
22
reference_url https://access.redhat.com/errata/RHSA-2025:22607
reference_id RHSA-2025:22607
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22607
23
reference_url https://access.redhat.com/errata/RHSA-2025:22785
reference_id RHSA-2025:22785
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22785
24
reference_url https://access.redhat.com/errata/RHSA-2025:22842
reference_id RHSA-2025:22842
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22842
25
reference_url https://access.redhat.com/errata/RHSA-2025:22871
reference_id RHSA-2025:22871
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22871
26
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
reference_id ssa-484086.pdf
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:20Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
27
reference_url https://www.tenable.com/security/tns-2022-05
reference_id tns-2022-05
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:27:20Z/
url https://www.tenable.com/security/tns-2022-05
28
reference_url https://usn.ubuntu.com/5288-1/
reference_id USN-5288-1
reference_type
scores
url https://usn.ubuntu.com/5288-1/
fixed_packages
0
url pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
purl pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-nmh4-zpeh-4bcr
15
vulnerability VCID-nw3z-nwyg-87e5
16
vulnerability VCID-nw7y-2xct-8fa5
17
vulnerability VCID-pba8-g9ts-43bw
18
vulnerability VCID-rjbn-1a88-87cj
19
vulnerability VCID-th9f-gg4v-bbbe
20
vulnerability VCID-tt7m-c9zc-1kem
21
vulnerability VCID-u2yw-sybk-uug8
22
vulnerability VCID-uw5p-szmd-8qcm
23
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.6-2%252Bdeb10u4
1
url pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
purl pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fms-7y9v-dfc5
1
vulnerability VCID-77y6-jskt-qucb
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-d26t-ex9d-x3ev
4
vulnerability VCID-gtcn-kyd2-xqdk
5
vulnerability VCID-jqe4-44gw-wbhu
6
vulnerability VCID-k2kp-fv3q-vyh2
7
vulnerability VCID-nguf-68jf-ryaz
8
vulnerability VCID-nktd-7gph-kkb1
9
vulnerability VCID-nw3z-nwyg-87e5
10
vulnerability VCID-qmx9-wkj4-67h3
11
vulnerability VCID-u5pr-wheu-h7c6
12
vulnerability VCID-utz3-ytaf-cbht
13
vulnerability VCID-v41j-xj8s-m7ar
14
vulnerability VCID-yw8s-ezc7-6ub8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.10-2%252Bdeb11u5
aliases CVE-2022-23990
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tt7m-c9zc-1kem
33
url VCID-u2yw-sybk-uug8
vulnerability_id VCID-u2yw-sybk-uug8
summary Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22822.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22822.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-22822
reference_id
reference_type
scores
0
value 0.01328
scoring_system epss
scoring_elements 0.79891
published_at 2026-04-02T12:55:00Z
1
value 0.01328
scoring_system epss
scoring_elements 0.79912
published_at 2026-04-04T12:55:00Z
2
value 0.01328
scoring_system epss
scoring_elements 0.799
published_at 2026-04-07T12:55:00Z
3
value 0.01328
scoring_system epss
scoring_elements 0.79929
published_at 2026-04-08T12:55:00Z
4
value 0.01328
scoring_system epss
scoring_elements 0.79937
published_at 2026-04-09T12:55:00Z
5
value 0.01328
scoring_system epss
scoring_elements 0.79957
published_at 2026-04-11T12:55:00Z
6
value 0.01328
scoring_system epss
scoring_elements 0.7994
published_at 2026-04-12T12:55:00Z
7
value 0.01328
scoring_system epss
scoring_elements 0.79933
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-22822
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003474
reference_id 1003474
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003474
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2044457
reference_id 2044457
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2044457
15
reference_url https://security.gentoo.org/glsa/202209-24
reference_id GLSA-202209-24
reference_type
scores
url https://security.gentoo.org/glsa/202209-24
16
reference_url https://access.redhat.com/errata/RHSA-2022:0818
reference_id RHSA-2022:0818
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0818
17
reference_url https://access.redhat.com/errata/RHSA-2022:0824
reference_id RHSA-2022:0824
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0824
18
reference_url https://access.redhat.com/errata/RHSA-2022:0845
reference_id RHSA-2022:0845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0845
19
reference_url https://access.redhat.com/errata/RHSA-2022:0850
reference_id RHSA-2022:0850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0850
20
reference_url https://access.redhat.com/errata/RHSA-2022:0951
reference_id RHSA-2022:0951
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0951
21
reference_url https://access.redhat.com/errata/RHSA-2022:1069
reference_id RHSA-2022:1069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1069
22
reference_url https://access.redhat.com/errata/RHSA-2022:7144
reference_id RHSA-2022:7144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7144
23
reference_url https://access.redhat.com/errata/RHSA-2022:7692
reference_id RHSA-2022:7692
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7692
24
reference_url https://access.redhat.com/errata/RHSA-2025:22785
reference_id RHSA-2025:22785
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22785
25
reference_url https://access.redhat.com/errata/RHSA-2025:22871
reference_id RHSA-2025:22871
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22871
26
reference_url https://usn.ubuntu.com/5288-1/
reference_id USN-5288-1
reference_type
scores
url https://usn.ubuntu.com/5288-1/
27
reference_url https://usn.ubuntu.com/7199-1/
reference_id USN-7199-1
reference_type
scores
url https://usn.ubuntu.com/7199-1/
28
reference_url https://usn.ubuntu.com/USN-5455-1/
reference_id USN-USN-5455-1
reference_type
scores
url https://usn.ubuntu.com/USN-5455-1/
fixed_packages
0
url pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
purl pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-nmh4-zpeh-4bcr
15
vulnerability VCID-nw3z-nwyg-87e5
16
vulnerability VCID-nw7y-2xct-8fa5
17
vulnerability VCID-pba8-g9ts-43bw
18
vulnerability VCID-rjbn-1a88-87cj
19
vulnerability VCID-th9f-gg4v-bbbe
20
vulnerability VCID-tt7m-c9zc-1kem
21
vulnerability VCID-u2yw-sybk-uug8
22
vulnerability VCID-uw5p-szmd-8qcm
23
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.6-2%252Bdeb10u4
1
url pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
purl pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fms-7y9v-dfc5
1
vulnerability VCID-77y6-jskt-qucb
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-d26t-ex9d-x3ev
4
vulnerability VCID-gtcn-kyd2-xqdk
5
vulnerability VCID-jqe4-44gw-wbhu
6
vulnerability VCID-k2kp-fv3q-vyh2
7
vulnerability VCID-nguf-68jf-ryaz
8
vulnerability VCID-nktd-7gph-kkb1
9
vulnerability VCID-nw3z-nwyg-87e5
10
vulnerability VCID-qmx9-wkj4-67h3
11
vulnerability VCID-u5pr-wheu-h7c6
12
vulnerability VCID-utz3-ytaf-cbht
13
vulnerability VCID-v41j-xj8s-m7ar
14
vulnerability VCID-yw8s-ezc7-6ub8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.10-2%252Bdeb11u5
aliases CVE-2022-22822
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u2yw-sybk-uug8
34
url VCID-uw5p-szmd-8qcm
vulnerability_id VCID-uw5p-szmd-8qcm
summary Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22823.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22823.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-22823
reference_id
reference_type
scores
0
value 0.00431
scoring_system epss
scoring_elements 0.62534
published_at 2026-04-02T12:55:00Z
1
value 0.00431
scoring_system epss
scoring_elements 0.62606
published_at 2026-04-12T12:55:00Z
2
value 0.00431
scoring_system epss
scoring_elements 0.62566
published_at 2026-04-04T12:55:00Z
3
value 0.00431
scoring_system epss
scoring_elements 0.62532
published_at 2026-04-07T12:55:00Z
4
value 0.00431
scoring_system epss
scoring_elements 0.62583
published_at 2026-04-13T12:55:00Z
5
value 0.00431
scoring_system epss
scoring_elements 0.62599
published_at 2026-04-09T12:55:00Z
6
value 0.00431
scoring_system epss
scoring_elements 0.62617
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-22823
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003474
reference_id 1003474
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003474
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2044464
reference_id 2044464
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2044464
15
reference_url http://www.openwall.com/lists/oss-security/2022/01/17/3
reference_id 3
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:45Z/
url http://www.openwall.com/lists/oss-security/2022/01/17/3
16
reference_url https://github.com/libexpat/libexpat/pull/539
reference_id 539
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:45Z/
url https://github.com/libexpat/libexpat/pull/539
17
reference_url https://www.debian.org/security/2022/dsa-5073
reference_id dsa-5073
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:45Z/
url https://www.debian.org/security/2022/dsa-5073
18
reference_url https://security.gentoo.org/glsa/202209-24
reference_id GLSA-202209-24
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:45Z/
url https://security.gentoo.org/glsa/202209-24
19
reference_url https://access.redhat.com/errata/RHSA-2022:0818
reference_id RHSA-2022:0818
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0818
20
reference_url https://access.redhat.com/errata/RHSA-2022:0824
reference_id RHSA-2022:0824
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0824
21
reference_url https://access.redhat.com/errata/RHSA-2022:0845
reference_id RHSA-2022:0845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0845
22
reference_url https://access.redhat.com/errata/RHSA-2022:0850
reference_id RHSA-2022:0850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0850
23
reference_url https://access.redhat.com/errata/RHSA-2022:0951
reference_id RHSA-2022:0951
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0951
24
reference_url https://access.redhat.com/errata/RHSA-2022:1069
reference_id RHSA-2022:1069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1069
25
reference_url https://access.redhat.com/errata/RHSA-2022:7144
reference_id RHSA-2022:7144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7144
26
reference_url https://access.redhat.com/errata/RHSA-2022:7692
reference_id RHSA-2022:7692
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7692
27
reference_url https://access.redhat.com/errata/RHSA-2025:22785
reference_id RHSA-2025:22785
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22785
28
reference_url https://access.redhat.com/errata/RHSA-2025:22871
reference_id RHSA-2025:22871
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22871
29
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
reference_id ssa-484086.pdf
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:45Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
30
reference_url https://www.tenable.com/security/tns-2022-05
reference_id tns-2022-05
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:27:45Z/
url https://www.tenable.com/security/tns-2022-05
31
reference_url https://usn.ubuntu.com/5288-1/
reference_id USN-5288-1
reference_type
scores
url https://usn.ubuntu.com/5288-1/
32
reference_url https://usn.ubuntu.com/7199-1/
reference_id USN-7199-1
reference_type
scores
url https://usn.ubuntu.com/7199-1/
33
reference_url https://usn.ubuntu.com/USN-5455-1/
reference_id USN-USN-5455-1
reference_type
scores
url https://usn.ubuntu.com/USN-5455-1/
fixed_packages
0
url pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
purl pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-nmh4-zpeh-4bcr
15
vulnerability VCID-nw3z-nwyg-87e5
16
vulnerability VCID-nw7y-2xct-8fa5
17
vulnerability VCID-pba8-g9ts-43bw
18
vulnerability VCID-rjbn-1a88-87cj
19
vulnerability VCID-th9f-gg4v-bbbe
20
vulnerability VCID-tt7m-c9zc-1kem
21
vulnerability VCID-u2yw-sybk-uug8
22
vulnerability VCID-uw5p-szmd-8qcm
23
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.6-2%252Bdeb10u4
1
url pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
purl pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fms-7y9v-dfc5
1
vulnerability VCID-77y6-jskt-qucb
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-d26t-ex9d-x3ev
4
vulnerability VCID-gtcn-kyd2-xqdk
5
vulnerability VCID-jqe4-44gw-wbhu
6
vulnerability VCID-k2kp-fv3q-vyh2
7
vulnerability VCID-nguf-68jf-ryaz
8
vulnerability VCID-nktd-7gph-kkb1
9
vulnerability VCID-nw3z-nwyg-87e5
10
vulnerability VCID-qmx9-wkj4-67h3
11
vulnerability VCID-u5pr-wheu-h7c6
12
vulnerability VCID-utz3-ytaf-cbht
13
vulnerability VCID-v41j-xj8s-m7ar
14
vulnerability VCID-yw8s-ezc7-6ub8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.10-2%252Bdeb11u5
aliases CVE-2022-22823
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uw5p-szmd-8qcm
35
url VCID-x8gp-vvxg-13cw
vulnerability_id VCID-x8gp-vvxg-13cw
summary Multiple vulnerabilities have been discovered in Expat, the worst of which could result in arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46143.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46143.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-46143
reference_id
reference_type
scores
0
value 0.04085
scoring_system epss
scoring_elements 0.88513
published_at 2026-04-01T12:55:00Z
1
value 0.04085
scoring_system epss
scoring_elements 0.88521
published_at 2026-04-02T12:55:00Z
2
value 0.04085
scoring_system epss
scoring_elements 0.8857
published_at 2026-04-13T12:55:00Z
3
value 0.04085
scoring_system epss
scoring_elements 0.88539
published_at 2026-04-04T12:55:00Z
4
value 0.04085
scoring_system epss
scoring_elements 0.88542
published_at 2026-04-07T12:55:00Z
5
value 0.04085
scoring_system epss
scoring_elements 0.88561
published_at 2026-04-08T12:55:00Z
6
value 0.04085
scoring_system epss
scoring_elements 0.88566
published_at 2026-04-09T12:55:00Z
7
value 0.04085
scoring_system epss
scoring_elements 0.88578
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-46143
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45960
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46143
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22822
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22823
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22824
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22825
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22826
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22827
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012179
reference_id 1012179
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012179
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2044455
reference_id 2044455
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2044455
15
reference_url http://www.openwall.com/lists/oss-security/2022/01/17/3
reference_id 3
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:17:07Z/
url http://www.openwall.com/lists/oss-security/2022/01/17/3
16
reference_url https://github.com/libexpat/libexpat/issues/532
reference_id 532
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:17:07Z/
url https://github.com/libexpat/libexpat/issues/532
17
reference_url https://github.com/libexpat/libexpat/pull/538
reference_id 538
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:17:07Z/
url https://github.com/libexpat/libexpat/pull/538
18
reference_url https://www.debian.org/security/2022/dsa-5073
reference_id dsa-5073
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:17:07Z/
url https://www.debian.org/security/2022/dsa-5073
19
reference_url https://security.gentoo.org/glsa/202209-24
reference_id GLSA-202209-24
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:17:07Z/
url https://security.gentoo.org/glsa/202209-24
20
reference_url https://security.netapp.com/advisory/ntap-20220121-0006/
reference_id ntap-20220121-0006
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:17:07Z/
url https://security.netapp.com/advisory/ntap-20220121-0006/
21
reference_url https://access.redhat.com/errata/RHSA-2022:0951
reference_id RHSA-2022:0951
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0951
22
reference_url https://access.redhat.com/errata/RHSA-2022:1069
reference_id RHSA-2022:1069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1069
23
reference_url https://access.redhat.com/errata/RHSA-2022:7144
reference_id RHSA-2022:7144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7144
24
reference_url https://access.redhat.com/errata/RHSA-2022:7692
reference_id RHSA-2022:7692
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7692
25
reference_url https://access.redhat.com/errata/RHSA-2025:22785
reference_id RHSA-2025:22785
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22785
26
reference_url https://access.redhat.com/errata/RHSA-2025:22871
reference_id RHSA-2025:22871
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22871
27
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
reference_id ssa-484086.pdf
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:17:07Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
28
reference_url https://www.tenable.com/security/tns-2022-05
reference_id tns-2022-05
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AC:H/AV:N/A:H/C:H/I:H/PR:N/S:U/UI:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:17:07Z/
url https://www.tenable.com/security/tns-2022-05
29
reference_url https://usn.ubuntu.com/5288-1/
reference_id USN-5288-1
reference_type
scores
url https://usn.ubuntu.com/5288-1/
30
reference_url https://usn.ubuntu.com/7199-1/
reference_id USN-7199-1
reference_type
scores
url https://usn.ubuntu.com/7199-1/
31
reference_url https://usn.ubuntu.com/7913-1/
reference_id USN-7913-1
reference_type
scores
url https://usn.ubuntu.com/7913-1/
32
reference_url https://usn.ubuntu.com/USN-5455-1/
reference_id USN-USN-5455-1
reference_type
scores
url https://usn.ubuntu.com/USN-5455-1/
fixed_packages
0
url pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
purl pkg:deb/debian/expat@2.2.6-2%2Bdeb10u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-28yc-wkq6-c7hb
1
vulnerability VCID-4c32-p11r-zud5
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-94fm-s7mp-vfdb
4
vulnerability VCID-9ern-6htc-p7c4
5
vulnerability VCID-cy2n-zexk-jyda
6
vulnerability VCID-d26t-ex9d-x3ev
7
vulnerability VCID-dy3x-vd1y-dbbn
8
vulnerability VCID-gf3f-k2be-67e2
9
vulnerability VCID-gtcn-kyd2-xqdk
10
vulnerability VCID-k2kp-fv3q-vyh2
11
vulnerability VCID-kp8z-47q5-n7es
12
vulnerability VCID-mddr-7zar-6kfn
13
vulnerability VCID-n7m1-6qrq-auaf
14
vulnerability VCID-nmh4-zpeh-4bcr
15
vulnerability VCID-nw3z-nwyg-87e5
16
vulnerability VCID-nw7y-2xct-8fa5
17
vulnerability VCID-pba8-g9ts-43bw
18
vulnerability VCID-rjbn-1a88-87cj
19
vulnerability VCID-th9f-gg4v-bbbe
20
vulnerability VCID-tt7m-c9zc-1kem
21
vulnerability VCID-u2yw-sybk-uug8
22
vulnerability VCID-uw5p-szmd-8qcm
23
vulnerability VCID-x8gp-vvxg-13cw
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.6-2%252Bdeb10u4
1
url pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
purl pkg:deb/debian/expat@2.2.10-2%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1fms-7y9v-dfc5
1
vulnerability VCID-77y6-jskt-qucb
2
vulnerability VCID-7ndj-4zn8-cqa4
3
vulnerability VCID-d26t-ex9d-x3ev
4
vulnerability VCID-gtcn-kyd2-xqdk
5
vulnerability VCID-jqe4-44gw-wbhu
6
vulnerability VCID-k2kp-fv3q-vyh2
7
vulnerability VCID-nguf-68jf-ryaz
8
vulnerability VCID-nktd-7gph-kkb1
9
vulnerability VCID-nw3z-nwyg-87e5
10
vulnerability VCID-qmx9-wkj4-67h3
11
vulnerability VCID-u5pr-wheu-h7c6
12
vulnerability VCID-utz3-ytaf-cbht
13
vulnerability VCID-v41j-xj8s-m7ar
14
vulnerability VCID-yw8s-ezc7-6ub8
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@2.2.10-2%252Bdeb11u5
aliases CVE-2021-46143
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x8gp-vvxg-13cw
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/expat@1.0-2